Category Archives: Microsoft Dumps

Official 2014 Latest Microsoft 70-680 Exam Dump Free Download(41-50)

QUESTION 41
You have a customized image of Windows 7 Professional. You need to create a new unattended file to automate the deployment of the image. You must achieve this goal by using the minimum amount of administrative effort. What should you do first?

A.    Run Imagex.exe and specify the /mount parameter.
B.    Run Dism.exe and specify the /Mount-WIM parameter.
C.    From Microsoft Deployment Toolkit (MDT), add the custom Windows image (WIM).
D.    From Windows System Image Manager (Windows SIM), open the custom Windows image (WIM).

Answer: D
Explanation:
Windows SIMOpens Windows images, creates answer files, and manages distribution shares and configuration sets.NOT DismDeployment Image Servicing and Management (DISM) is a command-line tool used to service Windows?images offline before deployment. You can use it to install, uninstall, configure, and update Windows features, packages, drivers, and international settings. Subsets of the DISM servicing commands are also available for servicing a running operating system.NOT ImagexImageX is a command-line tool that enables original equipment manufacturers (OEMs) and corporations to capture, to modify, and to apply file-based disk images for rapid deployment. ImageX works with Windows image (.wim) files for copying to a network, or it can work with other technologies that use .wim images, such as Windows Setup, Windows Deployment Services (Windows DS), and the System Management Server (SMS) Operating System Feature Deployment Pack./mountMounts a .wim file from Windows XP with Service Pack 2 (SP2), Windows Server 2003 with Service Pack 1 (SP1), or Windows Vista with read-only permission to a specified directory. Once the file is mounted, you may view, but not modify, all the information contained in the directory.NOT MDT MDT 2010 is the Microsoft solution accelerator for operating system and application deployment and offers flexible driver management, optimized transaction processing, and access to distribution shares from any location. You can use the MDT on imaging and deployment servers to implement the automatic deployment of Windows 7 (for example) on client computers. It is possible to run MDT 2010 on a client running Windows 7, but in practice it would typically run from a distribution server running Windows Server 2008. The MDT provides detailed guidance and job aids and offers a common deployment console that contains unified tools and processes that you can use for client and server deployment. The toolkit offers standardized desktop and server images, along with improved security and ongoing configuration management.

QUESTION 42
You are deploying a custom Windows 7 system image to a new computer.
You perform the following tasks:
– Start the new computer by using the Windows preinstallation Environment (WPE).
– Connect to a shared network location that contains the Windows 7 image file.
You need to apply the Windows 7 image to the computer. What should you do before you apply the image?

A.    Mount the image.
B.    Configure Windows Firewall.
C.    Configure and format the hard disk drive.
D.    Initializa the Boot Configuration data (BCD) store.

Answer: C
Explanation:
Deploying from a Network Share
After you have imaged your reference installation, you can deploy the image onto new hardware (one or more destination computers). To access a network share as an installation source from the client computer, you need to boot the client computer into the Windows Preintallation Environment (Windows PE) environment. The Windows PE environment is a minimally featured operating system that allows you to access diagnostic and maintenance tools as well as access network drives. To deploy an image from a network share, you use the Diskpart tool to format the hard drive of a destination computer. Then you copy the image from the network share and begin the installation by running Setup.exe.

QUESTION 43
You have a computer that runs Windows 7. You have an application installation package named app1.msi. You need to perform a customized installation of app1.msi. What should you do?

A.    Create a transform file named app1.mst and then run Msiexec.exe /i app1.msi /t app1.mst.
B.    Create a transform file named app1.mst and then run Msinfo32.exe /i app1.msi /t.
C.    Create a transform file named app1.msp and then run Msiexec.exe /i app1.msi /t app1.mst.
D.    Create a transform file named app1.msp and then run Msinfo32.exe /i app1.msi /t.

Answer: A
Explanation:
Windows Installer Transform Files
A Windows Installer transform (.mst) file provides configuration settings for a customized installation. A transform file contains information about components, features, setup properties, and changes that you can use to customize your installation.
MsiexecProvides the means to install, modify, and perform operations on Windows Installer from the command line. To install or configure a product Syntax msiexec /i {package|ProductCode} /i: Installs or configures a product. /t : Applies transform to advertised package.NOT Msinfo32
Displays a comprehensive view of your hardware, system components, and software environment.

QUESTION 44
You have a computer that runs Windows 7.
You have a third party application.
You need to ensure that only a specific version of the application runs on the computer.
You have the application vendor’s digital signature. What should you do?

A.    From Application Control Policies, configure a path rule.
B.    From Application Control Policies, configure a publisher rule.
C.    From Software Restriction policies, configure a path rule.
D.    From Software Restriction policies, configure a certificate rule.

Answer: B

QUESTION 45
You have a computer that runs Windows 7 Professional. A removable drive is attached to the computer. You need to protect data on the removable drive by using Bitlocker To Go. What should you do first?

A.    Upgrade the computer to Windows 7 Enterprise.
B.    Install all Windows Updates for Windows 7 Professional.
C.    Issue a digital certificate for the Encryption File System (EFS).
D.    Select the Encrypt contents to secure data checkbox from the properties on the removable drive.

Answer: A
Explanation:
Windows 7 ProfessionalWindows 7 Professional is available from retailers and on new computers installed by manufacturers. It supports all the features available in Windows Home Premium, but you can join computers with this operating system installed to a domain. It supports EFS and Remote Desktop Host but does not support enterprise features such as AppLocker, DirectAccess, BitLocker, and BranchCache.Windows 7 Enterprise and Ultimate EditionsThe Windows 7 Enterprise and Ultimate editions are identical except for the fact that Windows 7 Enterprise is available only to Microsoft’s volume licensing customers, and Windows 7 Ultimate is available from retailers and on new computers installed by manufacturers. The Enterprise and Ultimate editions support all the features available in other Windows 7 editions but also support all the enterprise features such as EFS, Remote Desktop Host, AppLocker, DirectAccess, BitLocker, BranchCache, and Boot from VHD.

QUESTION 46
You attach a mobile device that runs Windows Mobile Professional 6.1 to a computer. You discover that windows is unable to install the necessary device drivers for the mobile device. You need to ensure that you can synchronize file to the mobile device. What should you do?

A.    From Windows Mobility Center, click Sync settings.
B.    From Sync Center, click set up new sync partnerships.
C.    From Device Manager, click scan for hardware changes.
D.    From Devices and Printers, right-click the device and click troubleshoot.

Answer: D
Explanation:
You cannot sync without the drivers installed. It says unable to install, assuming that it could find the device if it was able to reach attempting to install point. Therefore Troubleshoot.

QUESTION 47
You have a computer that runs Windows 7.
You view the properties of a file on the computer as show in the exhibit. (Click the Exhibit button.) You need to ensure that you can configure permissions on the file. What should you do?
 clip_image001

A.    From Folder Options, modify the View settings.
B.    Move the file to a disk that has the NTFS file system.
C.    Open Windows Explorer by using elevated privileges.
D.    Hold the SHIFT key, right-click the file, and click Properties.

Answer: B
Explanation:
Missing options hints not on NTFS. On NTFS volumes, you can set security permissions on files and folders. These permissions grant or deny access to the files and folders. You can view security permissions for files and folders by completing the following steps:
1. In Windows Explorer, right-click the file or folder you want to work with.
2. From the pop-up menu, select Properties, and then in the Properties dialog box click the Security tab.
3. In the Name list box, select the user, contact, computer, or group whose permissions you want to view. If the permissions are dimmed, it means the permissions are inherited from a parent object.

QUESTION 48
You install an application named app1.exe on a computer. After the installation the computer becomes unresponsive.
You restart the computer and attempt to uninstall App1.exe. The uninstallation of App1.exe fails. You need to restore the computer to its previous functional state.
You must achieve the goal by using the minimum amount of administration.
What should you do?

A.    From Recovery, restore a system restore point.
B.    From the Previous Versions tab of App1.exe, click Restore button.
C.    Start the computer, press F8 and then use the Last Known Good Configuration.
D.    Create a system repair disc and then start the computer from the system repair disc.

Answer: A
Explanation:
If you install an application that causes your computer to become unstable, you should first attempt to uninstall the application. If this does not solve the problem, you can restore system files and settings by performing a system restore to restore the computer to its last system restore point. A system restore returns a computer system to a selected restore point. System restores do not alter user files. Note that a system restore is not the same as a System Image restore.
Windows 7 creates system restore points on a regular schedule and prior to events such as the installation of applications and drivers. A restore point contains information about registry settings and other system information. Windows 7 generates restore points automatically before implementing significant system changes. You can manually create restore points and restore a computer system to a selected restore point. If you install an application or driver that causes your computer to become unstable, you should first attempt to uninstall the application or roll back the driver. If this does not solve the problem, you can restore system files and settings by performing a system restore to restore the computer to its last system restore point. A system restore returns a computer system to a selected restore point. System restores do not alter user files. Note that a system restore is not the same as a System Image restore.

QUESTION 49
You have a portable computer named Computer1 and a desktop computer named Computer2. Both computers run Windows 7. On computer2, you create a share named Share1 by using Advanced Sharing feature. You need to ensure that when you connect to Share1 from Computer1, the files that you open are automatically cached. What should you do?

A.    On Computer1, modify the Offline Files settings.
B.    On Computer1, modify the User Profile settings.
C.    On Computer2, modify the properties of Share1.
D.    On Computer2, modify the file sharing connection settings for the HomeGroup.

Answer: C
Explanation:
The caching feature of Shared Folders ensures that users have access to shared files even when they are working offline without access to the network. You can also use Shared Folders or Share and Storage Management to enable BranchCache on shared resources. The BranchCache feature in Windows?7 or Windows Server 2008 R2 enables computers in a branch office to cache files downloaded from this shared folder, and then securely serve the files to other computers in the branch.
To set caching options for a shared folder by using the Windows interface
1. Open Computer Management.2. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Yes.3. In the console tree, click System Tools, click Shared Folders, and then click Shares.4. In the results pane, right-click the shared folder, and then click Properties.5. On the General tab, click Offline Settings, configure the offline availability options as appropriate and then click OK. Offline availability optionsSelect the following offline availability option for each shared folder:
All files and programs that users open from the share are automatically available offlineWhenever a user accesses the shared folder or volume and opens a file or program in it, that file or program will be automatically made available offline to that user. Files and programs that are automatically made available offline will remain in the Offline Files cache and synchronize with the version on the server until the cache is full or the user deletes the files. Files and programs that are not opened are not available offline.
 clip_image001[6]

QUESTION 50
You have a computer that runs Windows 7. The computers hard disks are configured as shown in the following table:
 clip_image001[8]
You need to ensure that you can recover the operating system and all the files on the computer if both hard disks fail.
Which two actions should you perform? (Each correct answer presents a part of the solution. Choose two.)

A.    Create a system image.
B.    Create a system repair disc.
C.    Shrink C and then create a new partition.
D.    Connect an external hard disk to the computer.

Answer: AD
Explanation:
A System Image is a copy of all the files and folders on the system disk (and other specified hard disks) on a computer. You can use a System Image backup to restore the computer to exactly what its configuration was when the System Image backup was created.
External hard drives can be removed and stored in a secure location.NOT System Repair Disc:A system repair disc can be used to boot your computer. It also contains Windows system recovery tools that can help you recover Windows from a serious error or restore your computer from a system image. It does not actually save the data and will only help if a system image exists elsewhere.NOT Shrink: All partitions are inaccessible is a hard disk fails.

Passing Microsoft 70-680 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-680 Dump:
http://www.braindump2go.com/70-680.html

Official 2014 Latest Microsoft 70-680 Exam Dump Free Download(31-40)

QUESTION 31
You have a computer named Computer1 that runs Windows 7. Computer1 is a member of an Active Directory domain. Remote Desktop is enabled on the computer. You share a folder on Computer1. You need to configure Computer1 to meet the following requirements:
– Allow computers in the local subnet to access the shared folder.
– Prevent computers in remote subnets from accessing the shared folder.
– Allow all computers to connect to Computer1 by using Remote Desktop.
What should you do?

A.    Modify the subnet mask.
B.    Modify the Public folder sharing settings.
C.    Disable network discovery on all computers located in remote subnets.
D.    Modify the properties of the File and Printer Sharing firewall exceptions.

Answer: D
Explanation:
Network ProfilesNetwork profiles are important because you can use them to apply different collections of firewall rules based on which network profile is active. A significant difference between Windows Vista and Windows 7 is that in Windows 7, profiles apply on a per-network interface basis. This means that if you have one network adapter connected to the Internet and another connected to your office LAN, different sets of rules apply for each connection. The firewall in Windows Vista chooses the most restrictive network profile when a computer has connections to different network types and applies the most restrictive set of rules to all interfaces.Allowing Programs Through Windows FirewallWindows Firewall allows you to configure exceptions based on programs. This differs from Windows Vista where Windows Firewall would allow you to configure exceptions based on port address. You can still create rules based on port address; you just have to do it using WFAS, covered later in this lesson. You can also allow specific Windows 7 features, such as Windows Virtual PC, through Windows Firewall. Feature rules become available when you enable the feature using the Programs And Features item in Control Panel. To add a rule for a feature or program, click Allow A Program Or Feature Through Windows Firewall item in the Windows Firewall section of Control Panel. The figure shows a list of currently installed features and any programs for which rules have been created as well as the profiles for which rules concerning those programs and features are enabled.File and Printer Sharing
This feature is used for sharing local files and printers with other users on the network.
(Uses NetBIOS, LLMNR, SMB and RPC)
 clip_image002[4]

QUESTION 32
You have a computer that runs Windows 7.
You attempt to add files to %programfiles%\app1 and receive a prompt to elevate your privileges. You need to ensure that you can add files to %programfiles%\app1 without receiving a prompt for elevated privileges.
The solution must prevent harmful applications from making unwanted changes to the system. What should you do?

A.    Enable the built-in administrator account.
B.    Modify the User Account Control (UAC) settings.
C.    Add your user account to the local Power Users group.
D.    Modify the permissions of the %programfiles%\app1 folder.

Answer: D
Explanation:
In order to secure a computer and its resources, you must consider the rights that users will have. You can secure a computer or multiple computers by granting users or groups specific user rights. You can help secure an object, such as a file or folder, by assigning permissions to allow users or groups to perform specific actions on that object.

QUESTION 33
You have a computer that runs Windows 7.
You configure the computer to automatically install all updates.
You need to verify whether a specific update is installed. What should you do?

A.    In event viewer, examine the application log.
B.    In windows update, examine the update history.
C.    At the command prompt, run Wusa.exe and specify the /kb parameter.
D.    At the command prompt, run Verifier.exe and specify the /query parameter.

Answer: B

QUESTION 34
You have a computer that runs Windows 7.
You need to identify which hardware is required to create a system repair disc.
What hardware should you identify?

A.    CD/DVD burner
B.    Floppy disk
C.    Tape drive
D.    USB disk

Answer: A

QUESTION 35
You have a computer that runs Windows 7.
You manually create a system restore point.
You need to restore a copy of a file stored on a drive C from two days ago.
You must act with minimum administrative effort.
What should you do?

A.    From recovery, select System Restore.
B.    From Backup and restore, select Restore my files.
C.    From the command prompt, run Wbadmin get items.
D.    From the properties of the file, select Previous Versions.

Answer: D
Explanation:
How do I view or restore previous versions of a file and folder? Right-click the file or folder, and then click Restore previous versions. You’ll see a list of available previous versions of the file or folder. The list will include files saved on a backup (if you’re using Windows Backup to back up your files) as well as restore points. To restore a previous version of a file or folder that’s included in a library, right-click the file or folder in the location where it’s saved, rather than in the library. For example, to restore a previous version of a picture that’s included in the Pictures library but is stored in the My Pictures folder, right-click the My Pictures folder, and then click Restore previous versions. For more information about libraries, see Include folders in a library.
 clip_image001
The Previous Versions tab, showing some previous versions of files
NOT System Restore: System Restore restores system files and settings and does not affect any of your documents, pictures, or other personal data.
NOT Backup and Restore: System restore point was created, no backup meantioned.NOT Wbadmin:
The Backup And Restore console does not provide a graphical tool for scheduling System Image backups. You need to create a System Image backup manually from the Backup
And Restore console whenever you have made significant changes to a computer’s configuration. Take care that if you restore a System Image backup and boot from it, or if you make the VHD bootable for failover protection, your computer could be vulnerable unless the System Image includes security updates. Although you cannot use Backup And Restore to schedule System Image backups, you can use the Wbadmin command-line utility to perform this function. For example, to initiate a System Image backup of the C: drive to the H: drive, you run the following command from an elevated command prompt:
wbadmin start backup -backuptarget:h: -include:c: -quiet

QUESTION 36
You have a computer that runs Windows Vista. The computer has one partition and 1 GB of RAM. You need to upgrade the computer to Windows 7. What should you do?

A.    Add 1 GB of RAM.
B.    Create a second partition.
C.    Disable User Account Control (UAC).
D.    Install Windows Vista Service pack 2 (SP2).

Answer: D
Explanation:
You should keep the following in mind prior to and during the upgrade from Windows Vista to Windows 7:
– Perform a full backup of the computer running Windows Vista prior to performing the installation. – That way, if things go wrong, you can do a full restore back to Windows Vista. You must ensure that Windows Vista has Service Pack 1 or later installed before you can upgrade it to Windows 7. – Ensure that you have the Windows 7 product key prior to the upgrade. – You cannot upgrade between processor architectures. An x86 version of Windows Vista cannot be upgraded to an x64 version of Windows 7, and vice versa. – You can upgrade only to an equivalent or higher edition of Windows 7. – You can upgrade Windows Vista Home Premium to Windows 7 Home Premium, Professional, Enterprise, or Ultimate, but not to Windows 7 Starter. Windows 7 Professional is equivalent to Windows Vista Business. – Ensure that there is at least 10 GB of free disk space on the Windows Vista volume prior to attempting the upgrade.Requirements:Windows 7 Home Premium, Professional, Ultimate, and Enterprise editions have the following minimum hardware requirements:
– 1 GHz 32-bit (x86) or 64-bit (x64) processor
– 1 GB of system memory- A 40-GB hard disk drive (traditional or SSD) with at least 15 GB of available space
– A graphics adapter that supports DirectX 9 graphics, has a Windows Display Driver Model (WDDM) driver, Pixel Shader 2.0 hardware, and 32 bits per pixel and a minimum of 128 MB graphics memory

QUESTION 37
You have a computer that runs Windows 7. The computer is configured as shown in the following table:
 clip_image001[6]
You plan to install a new application that requires 40 GB of space. The application will be installed to C:\app1.
You need to provide 40 GB of free space for the application. What should you do?

A.    Create a shortcut.
B.    Create hard link.
C.    Create a mount point.
D.    Change the quota settings.

Answer: C
Explanation:
Assign a mount point folder path to a driveYou can use Disk Management to assign a mount-point folder path (rather than a drive letter) to the drive. Mount-point folder paths are available only on empty folders on basic or dynamic NTFS volumes.Volume Mount PointsVolume mount points are new system objects in the internal namespace of Windows 2000 that represent storage volumes in a persistent, robust manner. This feature allows multiple disk volumes to be linked into a single tree, similar to the way Dfs links remote network shares. You can have many disk volumes linked together, with only a single drive letter pointing to the root volume. The combination of an NTFS junction and a Windows 2000 volume mount point can be used to graft multiple volumes into the namespace of a host NTFS volume. Windows 2000 offers this new mounting feature as an alternative to drive letters so system administrators can transcend the 26-drive letter limit that exists in Windows NT. Volume mount points are robust against system changes that occur when devices are added or removed from a computer. Important-icon Important A volume is a self-contained unit of storage administered by a file system. The file system that administers the storage in a volume defines a namespace for the volume. A volume mount point is a directory name in an NTFS file system that denotes the root of an arbitrary volume. A volume mount point can be placed in any empty directory of the namespace of the containing NTFS volume. Because volumes can be denoted by arbitrary directory names, they are not required to have a traditional drive letter. Placing a volume mount point on an NTFS directory causes the storage subsystem to resolve the directory to a specified local volume. This "mounting" is done transparently and does not require a drive letter to represent the volume. A Windows 2000 mount point always resolves to the root directory of the desired volume. Volume mount points require that the version of NTFS included with Windows 2000 be used because they are based on NTFS reparse points.

QUESTION 38
You have a computer that runs Windows 7.
You log on to the computer by using a user account that is a member of Administrator Group. From Windows Explorer you open C:\windows\system32\drivers\etc\hosts in notepad. You attempt to save the file and receive the save as dialog box.
You need to ensure that you can save changes to c:\windows\system32\drivers\.
What should you do?

A.    Stop the windows search service.
B.    Remove the inherited permissions from the file.
C.    Start Windows Notepad by using elevated privileges.
D.    Change the user account control (UAS) settings to Notify Me Only when programs try to make changes
to my computer.

Answer: C
Explanation:
Windows 7 does not allow applications to write data to these secure locations. User Account Control (UAC)UAC is a security feature of Windows 7 that informs you when the action that you want to undertake requires an elevation of privileges. If you logged on with a user account that was a member of the local administrators group in previous versions of Microsoft Windows, such as Windows XP, you automatically had administrator- level access at all times. This, by itself, was not a problem because recommended good practice was that people logged on with accounts that were members of the local administrator group only when they needed to do something related to administration. The problem with this is that people tended to use their administrator account as their normal user account. It was convenient for them because they did not have to log off and log on again each time they wanted to do something related to systems administration. Unfortunately, this behavior presented a security problem because any program run by a user logged on with an administrative account runs with the rights and privileges of that user. UAC resolves this problem by allowing a user that is a member of the local Administrators group to run as a standard user most of the time and to briefly elevate their privileges so that they are running as administrators when they attempt to carry out specific administration-related tasks.Privilege elevationAll users of clients running Windows 7 run with the rights of a standard user. When a user attempts an act that requires administrative privileges, such as creating a new user account, her rights need to be raised from those of a standard user to those of an administrative user. This increase in rights is termed privilege elevation. UAC is a gateway to privilege elevation. It allows users who are members of the local Administrators group to access administrative rights, but ensures that the person accessing the Administrative rights is aware that they are doing so. This privilege elevation occurs only for a specific task. Another task executed at the same time that also requires privilege elevation generates its own UAC

QUESTION 39
You have a computer that runs Windows 7.
The network contains a monitoring server named server1. The computer runs a monitoring service named Service1. Service1 uses Remote Procedure Calls (RPCs).
You need to ensure that Service1 can receive requests from Server1.
What should you do?

A.    From windows Firewall with Advanced Security, create a predefined rule.
B.    From windows Firewall with Advanced Security, create a custom rule.
C.    From the Network and Sharing Center, modify the network location settings.
D.    From the Network and Sharing Center, modify the advanced sharing settings.

Answer: B
Explanation:
Creating WFAS Rules
The process for configuring inbound rules and outbound rules is essentially the same: In the WFAS console, select the node that represents the type of rule that you want to create and then click New Rule. This opens the New Inbound (or Outbound) Rule Wizard. The first page, allows you to specify the type of rule that you are going to create. You can select between a program, port, predefined, or custom rule. The program and predefined rules are similar to what you can create using Windows Firewall. A custom rule allows you to configure a rule based on criteria not covered by any of the other options. You would create a custom rule if you wanted a rule that applied to a particular service rather than a program or port. You can also use a custom rule if you want to create a rule that involves both a specific program and a set of ports. For example, if you wanted to allow communication to a specific program on a certain port but not other ports, you would create a custom rule.

QUESTION 40
You have a customized image of Windows 7 Professional. You mount the image and modify the contents of the image. You need to restore the image to its original state. Which tool should you use?

A.    Dism.exe
B.    Ocsetup.exe
C.    Pkgmgr.exe
D.    Sysprep.exe

Answer: A
Explanation:
Dism
Deployment Image Servicing and Management (DISM) is a command-line tool used to service Windows images offline before deployment. You can use it to install, uninstall, configure, and update Windows features, packages, drivers, and international settings. Subsets of the DISM servicing commands are also available for servicing a running operating system.
Windows 7 introduces the DISM command-line tool. You can use DISM to service a Windows image or to prepare a Windows PE image. DISM replaces Package Manager (Pkgmgr.exe), PEimg, and Intlcfg in Windows Vista, and includes new features to improve the experience for offline servicing.
You can use DISM to perform the following actions:
* Prepare a Windows PE image.
* Enable or disable Windows features within an image.
* Upgrade a Windows image to a different edition.
* Add, remove, and enumerate packages.
* Add, remove, and enumerate drivers.
* Apply changes based on the offline servicing section of an unattended answer file.
* Configure international settings.
* Implement powerful logging features.
* Service operating systems such as Windows Vista with SP1 and Windows Server 2008.
* Service a 32-bit image from a 64-bit host and service a 64-bit image from a 32-bit host.
* Service all platforms (32-bit, 64-bit, and Itanium).
* Use existing Package Manager scripts.
DISM Command-Line Options
To service a Windows image offline, you must apply or mount it. WIM images can be mounted using the WIM commands within DISM, or applied and then recaptured using ImageX. You can also use the WIM commands to list the indexes or verify the architecture for the image you are mounting. After you update the image, you must dismount it and then either commit or discard the changes you have made.
NOT Sysprep
Sysprep is a tool designed for corporate system administrators, OEMs, and others who need to deploy the Windows XP operating system on multiple computers. After performing the initial setup steps on a single system, you can run Sysprep to prepare the sample computer for cloning.
Sysprep prepares the image for capture by cleaning up various user-specific and omputerspecific settings, as well as log files. The reference installation now is complete and ready to be imaged.

Passing Microsoft 70-680 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-680 Dump:
http://www.braindump2go.com/70-680.html

Official 2014 Latest Microsoft 70-680 Exam Dump Free Download(21-30)

QUESTION 21
You have two computers named Computer1 and Computer2 that run Windows 7. Both computers are members of an Active Directory domain. Windows Remote Management (WinRM) is
enabled on both computers.
You need to remotely create additional disk volumes on Computer1 from Computer2. What should you do?

A.    On Computer2, run Winrs and then run Diskpart.
B.    On Computer2, run Winrs and then run Diskmgmt.msc.
C.    On Computer1, install the Telnet Client and then run Diskpart from Computer2.
D.    On Computer1, install the Telnet Client and then use Disk Management from Computer2.

Answer: A
Explanation:
Winrs You can use WinRS to execute command-line utilities or scripts on a remote computer. To use WinRS, open a command prompt and prefix the command that you want to run on the remote computer with the WinRS -r: RemoteComputerName command. For example, to execute the Ipconfig command on a computer named Aberdeen, issue the command: WinRS -r:Aberdeen ipconfig The Windows Remote Management service allows you to execute commands on a remote computer, either from the command prompt using WinRS or from Windows PowerShell. Before you can use WinRS or Windows PowerShell for remote management tasks, it is necessary to configure the target computer using the WinRM command. To configure the target computer, you must run the command WinRM quickconfig from an elevated command prompt.
Diskpart: Microsoft command-line tool Diskpart is used to create and format volumes on the target computer.

QUESTION 22
A remote user has a computer that runs Windows 7. The user reports that he receives several error messages while using an application.
You do not have remote access to the user’s computer. You need to tell the user how to create
screenshots of the actions he performs on the computer. The solution must track the mouse actions that the user performs. What should you instruct the user to do?

A.    Press ALT + PrintScreen.
B.    Run Psr.exe and then click Start Record.
C.    From Mouse Properties, select Display pointer trails.
D.    Run Snippingtool.exe, click New, and then click Window Snip.

Answer: B
Explanation:
How do I use Problem Steps Recorder?You can use Problem Steps Recorder to automatically capture the steps you take on a computer, including a text description of where you clicked and a picture of the screen during each click (called a screen shot). Once you capture these steps, you can save them to a file that can be used by a support professional or someone else helping you with a computer problem.NotesWhen you record steps on your computer, anything you type will not be recorded. If what you type is an important part of recreating the problem you’re trying to solve, use the comment feature described below to highlight where the problem is occurring.

QUESTION 23
You have a computer that runs Windows 7. The computer’s disk is configured as shown in the exhibit. (Click the Exhibit button.)
 clip_image002
You need to extend volume C.
What should you do first?

A.    Back up and delete volume D.
B.    Convert disk 0 to a dynamic disk.
C.    Remove the crash dump from volume C.
D.    Move the paging file from volume C to volume E.

Answer: A
Explanation:
Extend a Basic Volume
You can add more space to existing primary partitions and logical drives by extending them into adjacent unallocated space on the same disk. To extend a basic volume, it must be raw or formatted with the NTFS file system. You can extend a logical drive within contiguous free space in the extended partition that contains it. If you extend a logical drive beyond the free space available in the extended partition, the extended partition grows to contain the logical drive. For logical drives, boot, or system volumes, you can extend the volume only into contiguous space and only if the disk can be upgraded to a dynamic disk. For other volumes, you can extend the volume into noncontiguous space, but you will be prompted to convert the disk to dynamic.

QUESTION 24
You need to increase the size of a paging file. What should you do?

A.    From Disk Management, shrink the boot partition.
B.    From Disk Management, shrink the system partition.
C.    From System, modify the Advanced system settings.
D.    From System, modify the System protection settings.

Answer: C
Explanation:
1. Click Start, right-click My Computer, and then click Properties.
2. In the System Properties dialog box, click the Advanced tab.
3. In the Performance pane, click Settings.
4. In the Performance Options dialog box, click the Advanced tab.
5. In the Virtual memory pane, click Change.
6. Change the Initial size value and the Maximum size value to a higher value, click Set, and then click OK.
7. Click OK to close the Performance Options dialog box, and then click OK to close the System Properties dialog box.

QUESTION 25
You have a computer that runs Windows Vista (x86). You need to perform a clean installation of Windows 7 (64-bit). What should you do?

A.    From the Windows 7 installation media, run Rollback.exe.
B.    From the Windows 7 installation media, run Migsetup.exe.
C.    Start the computer from the Windows 7 installation media. From the Install Windows dialog box,
select the Upgrade option.
D.    Start the computer from the Windows 7 installation media. From the Install Windows dialog box,
select the Custom (advanced) option.

Answer: D
Explanation:
When you are performing a clean installation, you should select Custom (Advanced). Almost all installations ofm Windows 7 that you will perform will be of the Custom (Advanced) type rather than upgrades. You can initiate upgrade installations only from within Windows Vista or Windows 7.NOT Rollback, Migsetup, or Upgrade:Specified clean installation not migration, update or rollback.

QUESTION 26
Your network consists of a single Active Directory forest.
You have 50 portable computers and 50 desktop computers. All computers have 32-bit hardware. You plan to deploy Windows 7 and 10 corporate applications to the computers by using a custom image.
You need to prepare for the deployment by using the minimum amount of administrative effort. What should you do first?

A.    On one computer, install Windows 7 and the corporate applications.
B.    On one portable computer and one desktop computer, install Windows 7 and the corporate applications.
C.    On a server, install and run the Microsoft Assessment and Planning (MAP) Toolkit.
D.    On a server, install the Windows Automated Installation Kit (AIK) and run Windows System Image Manager
(Windows SIM).

Answer: A
Explanation:
To prepare the reference computer for the user, you use the Sysprep utility with the /generalize option to remove hardware-specific information from the Windows installation and the /oobe option to configure the computer to boot to Windows Welcome upon the next restart. Open an elevated command prompt on the reference computer and run the following command: c:\windows\system32\sysprep\sysprep.exe /oobe /generalize /shutdown.
Sysprep prepares the image for capture by cleaning up various user-specific and computerspecific settings, as well as log files. The reference installation now is complete and ready to be imaged.

QUESTION 27
You have a computer that runs Windows 7. You need to copy files to a virtual hard disk (VHD) file. What should you do first?

A.    Run Dism.exe and specify the /image and /online parameters.
B.    Open Windows Explorer, right-click the VHD file and select Open.
C.    Run Diskpart.exe and then run the select and attach commands.
D.    Run Imagex.exe and specify the /mountrw and /append parameters.

Answer: C
Explanation:
Diskpart Microsoft command-line tool Diskpart is used to create and format volumes on the target computer.SelectShift the focus to an object.AttachAttaches a virtual disk file.

QUESTION 28
You have a computer that runs Windows 7.
You create an application shim for a third-party application by using the Microsoft Application Compatibility Toolkit (ACT). You need to ensure that the application shim is applied the next time you run the application. What should you do first?

A.    Run Sdbinst.exe.
B.    Run Msiexec.exe.
C.    Right-click the application executable file and modify the compatibility settings.
D.    Right-click the application executable file and modify the advanced security settings.

Answer: A

QUESTION 29
You have a computer that runs Windows 7. Multiple users log on to the computer. The computer has five removable devices. You need to ensure that users can only access removable devices that have been previously installed on the computer.
What should you modify in the Local Group Policy?

A.    Enable the Prevent redirection of USB devices setting.
B.    Enable the Prevent installation of removable devices setting.
C.    Disable the WPD Devices: Deny read access setting.
D.    Disable the Allow administrators to override Device Installation Restriction policies setting.

Answer: B
Explanation:
Prevent installation of removable devices
This policy setting allows you to prevent Windows from installing removable devices. A device is considered removable when the driver for the device to which it is connected indicates that the device is removable. For example, a Universal Serial Bus (USB) device is reported to be removable by the drivers for the USB hub to which the device is connected. This policy setting takes precedence over any other policy setting that allows Windows to install a device. If you enable this policy setting, Windows is prevented from installing removable devices and existing removable devices cannot have their drivers updated. If you enable this policy setting on a remote desktop server, the policy setting affects redirection of removable devices from a remote desktop client to the remote desktop server. If you disable or do not configure this policy setting, Windows can install and update device drivers for removable devices as allowed or prevented by other policy settings. NOT Prevent redirection of USB devicesThis policy setting prevents redirection of USB devices. If you enable this setting, an alternate driver for USB devices cannot be loaded. If you disable or do not configure this setting, an alternate driver for USB devices can be loaded.

QUESTION 30
Your network consists of a single Active Directory domain named contoso.com.
You have a server named Server1 that runs a custom network application.
Server1 has the following IP addresses:
– 192.168.15.10
– 192.168.15.11
You need to ensure that a client computer resolves server1.contoso.com to only the 192.168.15.11 IP address. What should you do from the computer?

A.    Edit the hosts file.
B.    Edit the lmhosts file.
C.    Run Ipconfig.exe /flushdns.
D.    Run Netsh interface ipv4 reset.

Answer: A
Explanation:
Differences Between the HOSTS and LMHOSTS Files in Windows NT In Windows NT, the HOSTS file is for TCP/IP utilities, and the LMHOSTS file is for LAN Manager NET utilities. If you cannot PING another computer (using a friendly name), check the HOSTS file. If you cannot NET VIEW a server using only the TCP/IP protocol, check the LMHOSTS file.
Hosts fileThe Hosts file is a common way to resolve a host name to an IP address through a locally stored text file that contains IP-address-to-host-name mappings. On most UNIX- based computers, this file is /etc/hosts. On Windows-based computers, this file is the Hosts file in the systemroot\System32\Drivers\Etc folder. The following describes the attributes of the Hosts file for Windows: A single entry consists of an IP (IPv4 or IPv6) address and one or more host names. The Hosts file is dynamically loaded into the DNS client resolver cache, which Windows Sockets applications use to resolve a host name to an IP address on both local and remote subnets. When you create entries in the Hosts file and save it, its contents are automatically loaded into the DNS client resolver cache. The Hosts file contains a default entry for the host name localhost. The Hosts file can be edited with any text editor. Each host name is limited to 255 characters. Entries in the Hosts file for Windows-based computers are not case sensitive. The advantage of using a Hosts file is that users can customize it for themselves. Each user can create whatever entries they want, including easy-to-remember nicknames for frequently accessed resources. However, the individual maintenance required for the Hosts file does not scale well to storing large numbers of FQDN mappings or reflecting changes to IP addresses for servers and network resources. The solution for the large-scale storage and maintenance of FQDN mappings is DNS. The solution for the maintenance of FQDN mappings for changing IP addresses is DNS dynamic update.NOT LMHOSTS FileThe LMHOSTS file is a local text file that maps IP addresses to NetBIOS names of remote servers with which you want to communicate over the TCP/IP protocol. Windows recognizes names instead of IP addresses for network requests and a name discovery process is used to correctly route network requests with TCP/IP. Because the name discovery process is generally not routed by an IP router, the LMHOSTS file allows Windows machines to communicate using TCP/IP across a subnet.
– LMHOSTS contains IP address to "NetBIOS over TCP/IP" name translations.
– LMHOSTS is only used by the NBT (NetBIOS over TCP/IP) interface.
– LMHOSTS file contains some valuable additions to the LAN Manager and Windows for Workgroups
– LMHOSTS file, such as the ability to support routed domain logon validation.
– LMHOSTS contains static information about TCP/IP addresses, but using logon scripts and/or the replicator service, the "master" file can be distributed transparently across all stations.
– By default, the LMHOSTS file should be located in the directory %SYSTEMROOT%\SYSTEM32\DRIVERS \ETC (usually
C:\WINNT\SYSTEM32\DRIVERS\ETC).
Other info
http://support.microsoft.com/kb/105997

Passing Microsoft 70-680 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-680 Dump:
http://www.braindump2go.com/70-680.html

Official 2014 Latest Microsoft 70-680 Exam Dump Free Download(11-20)

QUESTION 11
You have a portable computer that runs Windows 7. You configure the computer to enter sleep mode after 10 minutes of inactivity. You do not use the computer for 15 minutes and discover that the computer has not entered sleep mode. You need to identify what is preventing the computer from entering sleep mode. What should you do?

A.    At a command prompt, run Powercfg energy.
B.    At a command prompt, run Systeminfo /s localhost.
C.    From Performance Monitor, review the System Summary.
D.    From Performance Information and Tools, review the detailed performance and system information.

Answer: A
Explanation:
Command-line Power Configuration
Powercfg.exe is a command-line utility that you can use from an administrative command prompt to manage Windows 7 power settings. It is possible to use Powercfg.exe to configure a number of Windows 7 powerrelated settings that you cannot configure through Group Policy or the Advanced Plan Settings dialog box. You can use Powercfg.exe to configure specific devices so that they are able to wake the computer from the Sleep state. You can also use Powercfg.exe to migrate power policies from one computer running Windows 7 to another by using the import and export functionality.
-energy
Check the computer for common energy-efficiency and battery life problems. Provides report in Hypertext Markup Language (HTML) format.For more information on Powercfg.exe, consult the following Microsoft TechNet document:
http://technet.microsoft.com/en-us/library/cc748940.aspx.

QUESTION 12
You have a computer that runs Windows 7. Your network contains a VPN server that runs Windows Server 2008. You need to authenticate to the VPN server by using a smart card. Which authentication setting should you choose?

A.    CHAP
B.    EAP
C.    MS-CHAP v2
D.    PAP

Answer: B
Explanation:
VPN Server Software Requirements
VPN server software requirements for smart card access are relatively straightforward. The remote access servers must run Windows 2000 Server or later, have Routing and Remote Access enabled, and must support Extensible Authentication Protocol-Transport Layer Security (EAP-TLS). EAP-TLS is a mutual authentication mechanism developed for use in conjunction with security devices, such as smart cards and hardware tokens. EAP-TLS supports Point-to-Point Protocol (PPP) and VPN connections, and enables exchange of shared secret keys for MPPE, in addition to Ipsec. The main benefits of EAP-TLS are its resistance to brute-force attacks and its support for mutual authentication. With mutual authentication, both client and server must prove their identities to each other. If either client or server does not send a certificate to validate its identity, the connection terminates.Microsoft Windows ServerTM 2003 supports EAP-TLS for dial-up and VPN connections, which enables the use of smart cards for remote users. For more information about EAP-TLS, see the Extensible Authentication Protocol (EAP) topic at www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/auth_eap.
mspx.
For more information about EAP certificate requirements, see the Microsoft Knowledge Base article "Certificate Requirements when you use EAP-TLS or PEAP with EAP-TLS" at http://support.microsoft.com/default.aspx? scid=814394.

QUESTION 13
You have a computer named Computer1 that runs Windows 7.
The computer is a member of an Active Directory domain. The network contains a file server named Server1 that runs Windows Server 2008. You log on to the computer by using an account named User1. You need to ensure that when you connect to Server1, you authenticate by using an account named Admin1. What should you do on Computer1?

A.    From User Accounts, select Link online IDs.
B.    From Windows CardSpace, select Add a card.
C.    From Credential Manager, select Add a Windows credential.
D.    From Local Security Policy, modify the Access this computer from the network user right.

Answer: C
Explanation:
Credential Manager
Credential Manager stores logon user name and passwords for network resources, including file servers, Web sites, and terminal services servers. Credential Manager stores user name and password data in the Windows Vault. You can back up the Windows Vault and restore it on other computers running Windows 7 as a method of transferring saved credentials from one computer to another. Although Credential Manager can be used to back up some forms of digital certificates, it cannot be used to back up and restore the self- signed Encrypting File System (EFS) certificates that Windows 7 generates automatically when you encrypt a file. For this reason, you must back up EFS certificates using other tools. You will learn about backing up EFS certificates later in this lesson.
 clip_image002[1]

QUESTION 14
You have a computer that runs Windows 7. You create a HomeGroup. You need to secure the HomeGroup to meet the following requirements:
– Allow access to the HomeGroup when you are connected to private networks.
– Block access to the HomeGroup when you are connected to public networks.
What should you do?

A.    From Network and Sharing Center, modify the advanced sharing settings.
B.    From the HomeGroup settings in Control Panel, modify the advanced sharing settings.
C.    Configure the HomeGroup exception in Windows Firewall to include Home or work (private) networks
and block Public networks.
D.    Configure the File and Printer Sharing exception in Windows Firewall to include Home or work (private)
networks and block Public networks.

Answer: C
Explanation:
Windows Firewall does not allow you to create firewall rules for specific network locations on the basis of port address. Windows Firewall does not allow you to create rules that differentiate between the home and work network locations. You can only create rules that differentiate on the basis of home and work or public network locations.
HomeGroup Connections
This option decides how authentication works for connections to HomeGroup resources. If all computers in the HomeGroup have the same user name and passwords configured, you can set this option to allow Windows to manage HomeGroup connections. If different user accounts and passwords are present, you should configure the option to use user accounts and passwords to connect to other computers. This option is available only in the Home/Work network profile.

QUESTION 15
A user named User1 uses a shared computer that runs Windows 7. User1 is a member of group named Group1. The computer contains a folder named Folder1.
You need to configure the permissions on Folder1 to meet the following requirements:
– User1 must be allowed to delete all files in Folder1.
– Members of Group1 must be able to create files in Folder1.
– All other members of Group1 must be prevented from deleting files they did not create in Folder1.
– All users must be prevented from modifying the permissions on Folder1.
What should you do?

A.    Assign Group1 the Write permission. Assign User1 the Modify permission.
B.    Assign Group1 the Modify permission. Assign User1 the Write permission.
C.    Deny Group1 the Write permission. Assign User1 the Modify permission.
D.    Deny Group1 the Modify permission. Assign User1 the Write permission.

Answer: A
Explanation:
File and Folder Permissions
ReadFolders: Permits viewing and listing of files and subfoldersFiles: Permits viewing or accessing of the file’s contentsWriteFolders: Permits adding of files and subfoldersFiles:
Permits writing to a fileRead & ExecuteFolders: Permits viewing and listing of files and subfolders as well as executing of files; inherited by files and folders Files: Permits viewing and accessing of the file’s contents as well as executing of the fileList Folder ContentsFolders: Permits viewing and listing of files and subfolders as well as executing of files; inherited by folders onlyFiles: N/AModifyFolders: Permits reading and writing of files and subfolders; allows deletion of the folderFiles: Permits reading and writing of the file; allows deletion of the fileFull ControlFolders: Permits reading, writing, changing, and deleting of files and subfoldersFiles: Permits reading, writing, changing and deleting of the file

QUESTION 16
Your company has an internal Web site that requires HTTPS. The Web site’s certificate is self-signed. You have a computer that runs Windows 7 and Windows Internet Explorer 8. You use HTTPS to browse to the Web site and receive the following warning message. There is a problem with this website’s security certificate. You need to prevent the warning message from appearing when you access the Web site. What should you do?

A.    From Internet Explorer, enable InPrivate Browsing.
B.    From Internet Explorer, add the Web site to the Trusted sites zone.
C.    From Certificate Manager, import the Web sites certificate into your Personal store.
D.    From Certificate Manager, import the Web sites certificate into your Trusted Root Certification
Authorities store.

Answer: D
Explanation:
Certificate Manager
A certificate manager can approve certificate enrollment and revocation requests, issue certificates, and manage certificates. This role can be configured by assigning a user or group the Issue and Manage Certificatespermission. When you assign this permission to a user or group, you can further refine their ability to manage certificates by group and by certificate template. For example, you might want to implement a restriction that they can only approve requests or revoke smart card logon certificates for users in a certain office or organizational unit that is the basis for a security group.Importing CertificatesYou may restore certificates and the corresponding private keys from a file.
6. Right-click the certificate store you want to import, and click Install PFX on the context menu.
7. The Certificate Import Wizard launches. Click Next.
8. In the File name text box, type the name of the certificate file that you want to import. Alternatively, you can find the file by clicking Browse.
9. Click Next. If the file specified is a Personal Information Exchange-KCS #12 (*.pfx), you will be prompted for the password. Enter the password to import the file. Click Next.
10. On the next page, select where you’d like to store the certificate. Click Next.
11. The next wizard page contains summary information about the file that you are importing. Click Finish to import the file. The certificate(s) are now ready for use by the system.

QUESTION 17
Your network has a main office and a branch office. The branch office has five client computers that run Windows 7. All client computers are configured to use BranchCache. At the branch office, a computer named Computer1 is  experiencing performance issues. You need to temporarily prevent all computers from retrieving cached content from Computer1. What should you do on Computer1?

A.    At the command prompt, run Netsh branchcache flush.
B.    At the command prompt, run Netsh branchcache dump.
C.    Modify the Configure BranchCache for network files Group Policy setting.
D.    Modify the Set percentage of disk space used for client computer cache Group Policy setting.

Answer: A
Explanation:
Flush
Deletes the contents of the local BranchCache cache.

QUESTION 18
You have a standalone computer that runs Windows 7. Multiple users share the computer. You need to ensure that you can read the content of all encrypted files on the computer. What should you do?

A.    Run the Certificates Enrollment wizard and then run Certutil.exe -importpfx.
B.    Run the Certificates Enrollment wizard and then run Certutil.exe -installcert.
C.    Run Cipher.exe /r and then add a data recovery agent from the local security policy.
D.    Run Cipher.exe /rekey and then import a security template from the local security policy.

Answer: C
Explanation:
Cipher
Displays or alters the encryption of folders and files on NTFS volumes. Used without parameters, cipher displays the encryption state of the current folder and any files it contains. Administrators can use Cipher.exe to encrypt and decrypt data on drives that use the NTFS file system and to view the encryption status of files and folders from a command prompt. The updated version adds another security option. This new option is the ability to overwrite data that you have deleted so that it cannot be recovered and accessed.When you delete files or folders, the data is not initially removed from the hard disk. Instead, the space on the disk that was occupied by the deleted data is "deallocated." After it is deallocated, the space is available for use when new data is written to the disk. Until the space is overwritten, it is possible to recover the deleted data by using a low-level disk editor or data-recovery software.
If you create files in plain text and then encrypt them, Encrypting File System (EFS) makes a backup copy of the file so that, if an error occurs during the encryption process, the data is not lost. After the encryption is complete, the backup copy is deleted. As with other deleted files, the data is not completely removed until it has been overwritten. The new version of the Cipher utility is designed to prevent unauthorized recovery of such data.
/K Creates a new certificate and key for use with EFS. If this option is chosen, all the other options will be ignored. By default, /k creates a certificate and key that conform to current group plicy. If ECC is specified, a self-signed certificate will be created with the supplied key size. /R Generates an EFS recovery key and certificate, then writes them to a .PFX file (containing certificate and private key) and a .CER file (containing only the certificate). An administrator may add the contents of the .CER to the EFS recovery policy to create the recovery for users, and import the .PFX to recover individual files. If SMARTCARD is specified, then writes the recovery key and certificate to a smart card. A .CER file is generated (containing only the certificate). No .PFX file is genereated. By default, /R creates an 2048-bit RSA recovery key and certificate. If EECC is specified, it must be followed by a key size of 356, 384, or 521.

QUESTION 19
Your network contains an Active Directory domain. All servers run Windows Server 2008 R2 and are members of the domain. All servers are located in the main office. You have a portable computer named Computer1 that runs Windows 7. Computer1 is joined to the domain and is located in a branch office.A file server named Server1 contains a shared folder named Share1.
You need to configure Computer1 to meet the following requirements:
– Minimize network traffic between the main office and the branch office.
– Ensure that Computer1 can only access resources in Share1 while it is connected to the network.
What should you do?

A.    On Computer1, enable offline files.
B.    On Computer1, enable transparent caching.
C.    On Server1, configure DirectAccess.
D.    On Server1, configure Share1 to be available offline.

Answer: B
Explanation:
Transparent Caching
When you enable transparent caching, Windows 7 keeps a cached copy of all files that a user opens from shared folders on the local volume. The first time a user opens the file, the file is stored in the local cache. When the user opens the file again, Windows 7 checks the file to ensure that the cached copy is up to date and if it is, opens that instead. If the copy is not up to date, the client opens the copy hosted on the shared folder, also placing it in the local cache. Using a locally cached copy speeds up access to files stored on file servers on remote networks from the client. When a user changes a file, the client writes the changes to the copy of the file stored on the shared folder. When the shared folder is unavailable, the transparently cached copy is also unavailable. Transparent caching does not attempt to keep the local copy synced with the copy of the file on the remote file server as the Offline Files feature does. Transparent caching works on all files in a shared folder, not just those that you have configured to be available offline.

QUESTION 20
You have a computer that runs Windows 7.
Your network contains a DHCP server that runs Windows Server 2008 R2. The server is configured as a Network Access Protection (NAP) enforcement point.
You need to configure the computer as a NAP client.
Which two actions should you perform? (Each correct answer presents a part of the solution. Choose two.)

A.    From Services, set the Netlogon service Startup Type to Automatic.
B.    From Services, set the Network Access Protection Agent service Startup Type to Automatic.
C.    From the NAP Client Configuration console, configure the user interface settings.
D.    From the NAP Client Configuration console, enable the DHCP Quarantine Enforcement Client.

Answer: BD
Explanation:
Network Access Protection
Network Access Protection (NAP) is a feature in Windows Server 2008 that controls access to network resources based on a client computer’s identity and compliance with corporate governance policy. NAP allows network administrators to define granular levels of network access based on who a client is, the groups to which the client belongs, and the degree to which that client is compliant with corporate governance policy. If a client is not compliant, NAP provides a mechanism to automatically bring the client back into compliance and then dynamically increase its level of network access.NAP Client ConfigurationNetwork Access Protection (NAP), a new feature in Windows Vista?and Windows Server?2008, allows you to control the access of client computers to network resources based on computer identity and compliance with corporate governance policy. To implement NAP, you must configure NAP settings on both servers and client computers. There are three tools that you can use to configure NAP client settings: The NAP Client Configuration console provides a graphical user interface with which you can configure NAP client settings on the local computer or in a configuration file that you can save and apply to other computers. The Netsh commands for NAP client provide a command-line tool that you can use to configure client computers or to create a configuration file that you can save and apply to other computers. If you want to manage NAP client settings on domain member client computers, you can use the Group Policy Management Console and the Group Policy Management Editor. When you configure NAP client settings in Group Policy, these settings are applied on NAP-capable domain member client computers when Group Policy is refreshed.To enable and disable the DHCP enforcement client by using the Windows interface
1. To open the NAP Client Configuration console, click Start, click All Programs, click Accessories, click Run, type NAPCLCFG.MSC, and then click OK.
2. Click Enforcement Clients.
3. Right-click DHCP Enforcement Client, and then click Enable or Disable.Network Access
Protection Agent
The Network Access Protection (NAP) agent service collects and manages health information for client computers on a network. Information collected by NAP agent is used to make sure that the client computer has the required software and settings. If a client computer is not compliant with health policy, it can be provided with restricted network access until its configuration is updated. Depending on the configuration of health policy, client computers might be automatically updated so that users quickly regain full network access without having to manually update their computer.

Passing Microsoft 70-680 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-680 Dump:
http://www.braindump2go.com/70-680.html

Official 2014 Latest Microsoft 70-680 Exam Dump Free Download(1-10)

QUESTION 1
You have a computer that runs Windows 7. The computer has System Protection enabled. You need to retain only the last System Protection snapshot of the computer. All other snapshots must be deleted. What should you do?

A.    Run Disk Cleanup for Programs and features.
B.    Run Disk Cleanup for System Restore and Shadow Copies.
C.    From the System Protection Restore settings, select Turn off System Restore.
D.    From the System Protection Restore settings, select Only restore previous versions of files.

Answer: B
Explanation:
 clip_image001
Shadow info:
Shadow copies are automatically saved as part of a restore point. If system protection is enabled, Windows 7 automatically creates shadow copies of files that have been modified since the last restore point was created. By default, new restore points are created every seven days or whenever a significant system change (such as a driver or application installation) occurs.

QUESTION 2
You have a reference computer that runs Windows 7. You plan to deploy an image of the computer. You create an answer file named answer.xml. You need to ensure that the installation applies the answer file after you deploy the image. Which command should you run before you capture the image?

A.    Imagex.exe /append answer.xml /check.
B.    Imagex.exe /mount answer.xml /verify.
C.    Sysprep.exe /reboot /audit /unattend:answer.xml.
D.    Sysprep.exe /generalize /oobe /unattend:answer.xml.

Answer: D
Explanation:
To prepare the reference computer for the user, you use the Sysprep utility with the /generalize option to remove hardware-specific information from the Windows installation and the /oobe option to configure the computer to boot to Windows Welcome upon the next restart. Open an elevated command prompt on the reference computer and run the following command: c:\windows\system32\sysprep\sysprep.exe /oobe /generalize /shutdown Sysprep prepares the image for capture by cleaning up various user-specific and computer-specific settings, as well as log files. The reference installation now is complete and ready to be imaged.

QUESTION 3
You have a computer that runs Windows Vista Service Pack 2 (SP2). You need to upgrade the computer to Windows 7. What should you do?

A.    Start the computer from the Windows 7 installation media and select the Upgrade option.
B.    Start the computer from the Windows 7 installation media and select the Custom (advanced) option.
C.    From Windows Vista, run Setup.exe from the Windows 7 installation media and select the Upgrade option.
D.    From Windows Vista, run Setup.exe from the Windows 7 installation media and select the Custom option.

Answer: C
Explanation:
Upgrading Windows Vista to Windows 7 instructionsAccess the Windows 7 installation source and double-click Setup.exe. When prompted by User Account Control, click Allow. This loads the Install Windows page. Click Install Now.Other NotesYou can upgrade computers running Windows Vista to Windows 7. When you upgrade from Windows Vista to Windows 7, all documents, settings, applications, and user accounts that existed on the computer running Windows Vista are available when the upgrade is finished. The advantage to an upgrade is that it allows you to keep the current application configuration. When you perform a migration, you need to reinstall the user’s applications on the new computer. As mentioned previously, this can be problematic in organizations that are not careful about keeping track of which specific set of applications are installed on each user’s computer. Prior to attempting to perform the upgrade from Windows Vista to Windows 7, you should run the Windows 7 Upgrade Advisor. The Windows 7 Upgrade Advisor is an application that you can download from Microsoft’s Web site that will inform you if Windows 7 supports a computer running the current hardware and software configuration of Windows Vista. Prior to running the Windows 7 Upgrade Advisor, you should ensure that all hardware that you want to use with Windows 7, such as printers, scanners, and cameras, are connected to the computer. The Upgrade Advisor generates a report that informs you of which applications and devices are known to have problems with Windows
7. A similar compatibility report is generated during the upgrade process, but the version created by the Windows 7 Upgrade Advisor is more likely to be up to date.

QUESTION 4
You plan to deploy Windows 7 to 100 computers on your corporate network.
You install Windows 7 on a computer. You and need to prepare the computer to be imaged. What should you do before you create the image of the computer?

A.    At the command prompt, run the Dism command.
B.    At the command prompt, run the Sysprep command.
C.    Start the computer from the Windows Preinstallation Environment (Windows PE) and then run the ImageX
command.
D.    Start the computer from the Windows Preinstallation Environment (Windows PE) and then run the Wpeutil
command.

Answer: B
Explanation:
Sysprep
Sysprep is a tool designed for corporate system administrators, OEMs, and others who need to deploy the Windows?XP operating system on multiple computers. After performing the initial setup steps on a single system, you can run Sysprep to prepare the sample computer for cloning. Sysprep prepares the image for capture by cleaning up various user-specific and computer-specific settings, as well as log files. The reference installation now is complete and ready to be imaged.NOT ImagexImageX is a command- line tool that enables original equipment manufacturers (OEMs) and corporations to capture, to modify, and to apply file-based disk images for rapid deployment. ImageX works with Windows image (.wim) files for copying to a network, or it can work with other technologies that use .wim images, such as Windows Setup, Windows Deployment Services (Windows DS), and the System Management Server (SMS) Operating System Feature Deployment Pack.NOT DismDeployment Image Servicing and Management (DISM) is a command-line tool used to service Windows?images offline before deployment. You can use it to install, uninstall, configure, and update Windows features, packages, drivers, and international settings. Subsets of the DISM servicing commands are also available for servicing a running operating systemNOT WpeutilThe Windows PE utility (Wpeutil) is a command-line tool that enables you to run various commands in a Windows PE session. For example, you can shut down or restart Windows PE, enable or disable a firewall, set language settings, and initialize a network.

QUESTION 5
You have a new computer that does not have an operating system installed.
You have a virtual hard disk (VHD) that contains an installation of Windows 7.
You start the computer from the Windows Preinstallation Environment (Windows PE).
You create a partition on the computer and copy the VHD to the partition.
You need to configure the computer to start from the VHD. Which tools should you use?

A.    Diskpart.exe and Bcdboot.exe
B.    Imagex.exe and Bcdedit.exe
C.    Scanstate.exe and Loadstate.exe
D.    Wpeutil.exe and Dism.exe

Answer: A
Explanation:
Diskpart
Microsoft command-line tool Diskpart is used to create and format volumes on the target computer.Bcdboot You now want to apply this customized image to the hard disks of two new computers you have purchased without operating systems. You boot each computer in turn from the Windows PE media and use ImageX to install the image. Your final step, to make the image bootable, is to use BCDboot from Windows PE to initialize the BCD store and copy boot environment files to the system partition. When you reboot each new computer, it will boot into Windows 7 and will have the same settings configured and applications installed as your original computer. Take care you are not violating any licensing conditions.

QUESTION 6
Your network contains 100 computers that run Windows XP. You need to identify which applications installed on all of the computers can run on Windows 7. You must achieve this goal by using the minimum amount of administrative effort. What should you install?

A.    Microsoft Application Compatibility Toolkit (ACT)
B.    Microsoft Assessment and Planning (MAP) Toolkit
C.    Microsoft Deployment Toolkit (MDT)
D.    Windows Automated Installation Kit (AIK)

Answer: A
Explanation:
The Microsoft Application Compatibility Toolkit (ACT) 5.6 enables software developers, independent software vendors (ISVs), and IT professionals who work in a corporate environment to determine, before deployment within the organization, whether their applications are compatible with a new version of the Windows?operating system. ACT also enables such individuals to determine how an update to the new version will affect their applications.
You can use the ACT features to:
– Verify your application’s, device’s, and computer’s compatibility with a new version of the Windows operating system, including determining your risk assessment.
– Verify a Windows update’s compatibility, including determining your risk assessment.
– Become involved in the ACT Community, including sharing your application assessment with other ACT users.
– Test your applications for issues related to User Account Control (UAC) by using the Standard User Analyzer (SUA) tool.
– Test your Web applications and Web sites for compatibility with new releases and security updates to Internet Explorer? by using the Internet Explorer Compatibility Test Tool.

QUESTION 7
Your network consists of a single IPv4 subnet. The subnet contains 20 computers that run Windows 7. You add a new computer named Computer1 to the subnet. You discover that Computer1 has an IP address of 169.254.34.12. You cannot connect to other computers on the network. Other computers on the network can connect to each other. You need to ensure that you can connect to all computers on the network. What should you do?

A.    Turn off Windows Firewall.
B.    Run Ipconfig.exe /renew.
C.    Configure a static TCP/IP address.
D.    Run Netsh.exe interface ipv4 install.

Answer: C
Explanation:
[Need better justification]
Configuring static IP addresses
When you assign a static IP address, you need to tell the computer the IP address you want to use, the subnet mask for this IP address, and, if necessary, the default gateway to use for internetwork communications. An IP address is a numeric identifier for a computer. Ip addressing schemes vary according to how your network is configured, but they’re normally assigned based on a particular network segment.

QUESTION 8
Your network consists of an Active Directory domain named contoso.com.
You have a computer named computer1.contoso.com. Your network is configured to use only IPv6. You need to request that a DNS record be created to enable users to connect to your computer by using the name dev.contoso.com.
Which type of record should you request?

A.    A
B.    AAAA
C.    HINFO
D.    NAPTR

Answer: B
Explanation:
The resolution of host names to IPv6 addresses is accomplished through DNS (apart from link-local addresses that are not stored by DNS and resolve automatically). The procedure is the same as for IPv4 address resolution with the computer name and IPv6 address pair being stored in a AAAA (quad-A) DNS resource record, which is equivalent to an A or host record for IPv4. Reverse DNS lookup that returns a computer name for an IPv6 address is implemented by a pointer (PTR) DNS resource record that is referred to the IPv6 reverse lookup zone (or tree) ipv6.arpa, which is the equivalent of the in-addr.arpa reverse lookup zone in Ipv4.
AAAAAn AAAA (quad-A) resource record resolves a host name to an IPv6 address.AAn A (address) resource record resolves a host name to an IPv4 address.HINFOHost information (HINFO) resource record. Specifies the type of CPU and operating system in the cpu_type and os_type fields, respectively, for the host DNS domain name in the owner field. Well-known CPU and operating system types that are most often used are noted in RFC 1700. This information can be used by application protocols such as FTP, which use special procedures when communicating with computers of a known CPU and operating system type.
NAPTR
The NAPTR represents a Naming Authority Pointer. NAPTR records map between sets of URNs, URLs and plain domain names and suggest to clients what protocol should be used to talk to the mapped resource. Each NAPTR record contains a service name, a set of flags, a regexp rule, an order value, a preference and a replacement. Multiple records can be chained together in a cascade to rewrite URIs in fairly sophisticated, but deterministic ways. These cascading rules have been standardized in RFC2915 and RFC3403.

QUESTION 9
Your network has a main office and a branch office. The branch office has five client computers that run Windows 7. All servers are located in the main office. All servers have BranchCache enabled. Users at the branch office report that it takes several minutes to open large files located in the main office. You need to minimize the amount of time it takes for branch office users to open files located in the main office. The solution must also reduce the amount of bandwidth used between the two offices. What should you do?

A.    At the main office, configure the Quality of Service (QoS) Packet Scheduler on all servers.
B.    At the main office, configure the servers to use Background Intelligent Transfer Service (BITS).
C.    At the branch office, configure the client computers to use BranchCache Hosted Cache mode.
D.    At the branch office, configure the client computers to use BranchCache Distributed Cache mode.

Answer: D
Explanation:
Distributed Cache ModeDistributed Cache mode uses peer caching to host the branch office cache among clients running Windows 7 on the branch office network. This means that each Distributed Cache mode client hosts part of the cache, but no single client hosts all the cache. When a client running Windows 7 retrieves content over the WAN, it places that content into its own cache. If another BranchCache client running Windows 7 attempts to access the same content, it is able to access that content directly from the first client rather than having to retrieve it over the WAN link. When it accesses the file from its peer, it also copies that file into its own cache. The advantage of distributed cache mode is that you can deploy it without having to deploy a server running Windows Server 2008 R2 locally in each branch office. The drawback of Distributed Cache mode is that the contents of the cache available on the branch office LAN depend on which clients are currently online. If a client needs a file that is held in the cache of a computer that is shut down, the client needs to retrieve the file from the host server across the WAN.Hosted Cache ModeHosted Cache mode uses a centralized local cache that hosted on a branch office server running Windows Server 2008 R2. You can enable the hosted cache server functionality on a server running Windows Server 2008 R2 that you use for other functions without a significant impact on performance. This is because if you found that files hosted at another location across the WAN were being accessed so frequently that there was a performance impact, you would use a solution like Distributed File System (DFS) to replicate them to the branch office instead of using BranchCache. The advantage of Hosted Cache mode over Distributed Cache mode is that the cache is centralized and always available. Parts of the distributed cache become unavailable when the clients hosting them shut down.Background Intelligent Transfer Service (BITS)The Background Intelligent Transfer Service (BITS) has two role services: the Compact Server and the IIS Server Extension. The Compact Server is a stand-alone HTTP or HTTPS file server, whereas the IIS Server Extension is an Internet Information Services (IIS) plug-in that requires a server running IIS. IIS Server ExtensionThe BITS IIS Server Extension lets you configure a server that is running IIS to allow BITS clients to perform background, resumable file uploads to IIS virtual directories. On completion of a file upload, the BITS Server can notify a Web application of the newly uploaded file. This allows the application to process the uploaded file. The Web application can then optionally reply to the client responsible for the upload.Compact ServerThe BITS Compact Server is a stand- alone HTTP or HTTPS file server, which allows applications to host files for BITS clients to download, and allows the asynchronous transfer of a limited number of large files between computers.QoS Packet SchedulerThe Quality of Service Packet Scheduler is a Windows platform component that is enabled by default on Windows Vista and Windows XP computers. It is, however, not enabled by default on Windows 2003 computers. This scheduler is designed to control the IP traffic for various network services, including Real Time Communications traffic. This component must be installed and enabled if the QoS markings described earlier for audio and video traffic are to be implemented by the IP stack.

QUESTION 10
You have a computer that runs Windows 7. You create an Encrypting File System (EFS) recovery key and certificate. You need to ensure that your user account can decrypt all EFS files on the computer. What should you do?

A.    From Credential Manager, add a Windows credential.
B.    From Credential Manager, add a certificate-based credential.
C.    From the local computer policy, add a data recovery agent.
D.    From the local computer policy, modify the Restore files and directories setting.

Answer: C
Explanation:
EFS Recovery
Recovery Agents are certificates that allow the restoration of EFS encrypted files. When a recovery agent has been specified using local policies, all EFS encrypted files can be recovered using the recovery agent private key. You should specify a recovery agent before you allow users to encrypt files on a client running Windows 7. You can recover all files that users encrypt after the creation of a recovery agent using the recovery agent’s private key. You are not able to decrypt files that were encrypted before a recovery agent certificate was specified. You create an EFS recovery agent by performing the following steps:
1. Log on to the client running Windows 7 using the first account created, which is the default administrator account.
2. Open a command prompt and issue the command Cipher.exe /r:recoveryagent
3. This creates two files: Recoveryagent.cer and Recoveryagent.pfx. Cipher.exe prompts you to specify a password when creating Recoveryagent.pfx.
4. Open the Local Group Policy Editor and navigate to the \Computer Configuration\Windows Settings\Security Settings\Public Key Policies\Encrypting File System node. Right-click this node and then click Add Data Recovery Agent. Specify the location of Recoveryagent.cer to specify this certificate as the recovery agent.
5. To recover files, use the certificates console to import Recoveryagent.pfx. This is the recovery agent’s private key. Keep it safe because it can be used to open any encrypted file on the client running Windows 7.

If you want to pass the Microsoft 70-680 Exam sucessfully, recommend to read latest Microsoft 70-680 Dump full version.

Official 2014 Latest Microsoft 98-379 Demo Free Download(7-15)!

QUESTION 7
Drag and Drop Question
You create work items to test the features of an application. Match each work item type to its description. To answer, drag the appropriate work item type from the column on the left to its description on the right. Each work item type may be used once, more than once, or not at all. Each correct match is worth one point.
 clip_image002[14]
Answer:
 clip_image001[6]

QUESTION 8
Drag and Drop Question
Match each status to its test step. To answer, drag the appropriate status from the column on the left to its test step on the right. Each status may be used once, more than once, or not at all. Each correct match is worth one point.
 clip_image002[16]

Answer:
 clip_image001[8]

QUESTION 9
This question requires that you evaluate the underlined text to determine if it is correct. Bug tracking is the process of assigning severity and priority to a reported bug. Select the correct answer if the underlined text does not make the statement correct. Select "No change is needed" if the underlined text makes the statement correct.

A.    No change is needed
B.    Logging
C.    Resolution
D.    Triage

Answer: D

QUESTION 10
Hotspot Question
You are asked to train an intern to create bug reports by using Team Foundation Server (TFS). You review the following bug report your intern created:
 clip_image002[18]
When this bug occurs, the user cannot continue using the application. Use the drop-down menus to complete each statement. Each correct selection is worth one point.
 clip_image001[10]
Answer:
 clip_image001[12]

QUESTION 11
You use Microsoft Test Manager to test a solution. Which two statements about using test cases in Microsoft Test Manager are correct? (Choose two.)

A.    You can share steps between different test cases.
B.    You need to add all fields to a test case when you create the test case.
C.    You must define test cases by using Microsoft Test Manager.
D.    You can add attachments and hyperlinks to test cases.

Answer: AD
Explanation:
http://msdn.microsoft.com/en-us/library/vstudio/dd380712(v=vs.110).aspx

QUESTION 12
This question requires that you evaluate the underlined text to determine if it is correct. Severitydescribes how much a defect affects an application. Select the correct answer if the underlined text does not make the statement correct. Select "No change is needed" if the underlined text makes the statement correct.

A.    No change is needed
B.    Effect level
C.    Scope
D.    Priority

Answer: A

QUESTION 13
You need to show the rolling average of the number of bugs that the testing team has opened, resolved, and closed.
Which report should you show?

A.    Bug trend
B.    Build quality indicators
C.    Bug status
D.    Burn rate

Answer: A

QUESTION 14
This question requires that you evaluate the underlined text to determine if it is correct. Bug convergence is the point at which the number of bugs resolved exceeds the number of bugs found.
Select the correct answer if the underlined text does not make the statement correct. Select "No change is needed" if the underlined text makes the statement correct.

A.    No change is needed
B.    Baseline
C.    Burndown
D.    Code coverage

Answer: A

QUESTION 15
How many test plans are created in projects that use an agile methodology?

A.    One master test plan and one test plan for each sprint
B.    One test plan for each sprint
C.    One master test plan
D.    Multiple test plans for each sprint

Answer: A
 

If you want to pass the Microsoft 98-379 Exam sucessfully, recommend to read latest Microsoft 98-379 Demo full version.

Official 2014 Latest Microsoft 98-379 Demo Free Download(1-6)!

QUESTION 1
When you log a bug, which two items should you include in the bug report to reproduce the bug? (Choose two.)

A.    The actions leading up to the bug
B.    The author of the code
C.    A description of the actual results
D.    The severity of bug

Answer: AB

QUESTION 2
Hotspot Question
You run a load test in Microsoft Test Manager. You monitor performance counters by using the Load Test Analyzer. The following graphic displays representative data:
 clip_image002[12]
Use the drop-down lists to complete each statement. Each correct selection is worth one point.

 clip_image001
Answer:
 clip_image001[4]

QUESTION 3
As part of a development team in a test-driven development environment, you are given the requirements for a new software system.
What should you do first?

A.    Implement the system in the code.
B.    Write a user story for the system.
C.    Run all existing test cases to validate they succeed.
D.    Write a test case for the new system.

Answer: D

QUESTION 4
This question requires that you evaluate the underlined text to determine if it is correct. In a use case diagram, the association between an actor and a use case can show a generalization at each end.
Select the correct answer if the underlined text does not make the statement correct. Select "No change is needed" if the underlined text makes the statement correct.

A.    No change is needed
B.    Alternative
C.    Multiplicity
D.    Subsystem boundary

Answer: C

QUESTION 5
This question requires that you evaluate the underlined text to determine if it is correct. Fault tolerance is a redundancy technique that completely hides errors within a set of redundant modules.
Select the correct answer if the underlined text does not make the statement correct. Select "No change is needed" if the underlined text makes the statement correct.

A.    No change is needed
B.    Fault masking
C.    Exception handling
D.    Regression testing

Answer: B

QUESTION 6
A system has the following requirement:
Patients should be sent to the Emergency Room if their respiratory rate is >= 20 and their age is >= 65.
How many test cases should you write to test all combinations of conditions?

A.    0
B.    2
C.    4
D.    9

Answer: D

If you want to pass the Microsoft 98-379 Exam sucessfully, recommend to read latest Microsoft 98-379 Demo full version.

Official 2014 Latest Free Microsoft 70-412 Dump Download(41-50)!

QUESTION 41
Your network contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the Active Directory Certificate Services server role installed and is configured as a standalone certification authority (CA). You install a second server named Server2. You install the Online Responder role service on Server2. You need to ensure that Server1 can issue an Online Certificate Status Protocol (OCSP) Response Signing certificate to Server2. What should you do?

A.    On Server1, run the certutil.exe command and specify the -setreg parameter.
B.    On Server2, run the certutil.exe command and specify the -policy parameter.
C.    On Server1, configure Security for the OCSP Response Signing certificate template.
D.    On Server2, configure Issuance Requirements for the OCSP Response Signing certificate template.

Answer: C
Explanation:
http://technet.microsoft.com/en-us/library/cc732526.aspx

clip_image001

QUESTION 42
Your network contains an Active Directory domain named adatum.com. The domain contains a server named CA1 that runs Windows Server 2012 R2. CA1 has the Active Directory Certificate Services server role installed and is configured to support key archival and recovery. You need to ensure that a user named User1 can decrypt private keys archived in the Active Directory Certificate Services (AD CS) database. The solution must prevent User1 from retrieving the private keys from the AD CS database. What should you do?

A.    Assign User1 the Issue and Manage Certificates permission to Server1.
B.    Assign User1 the Read permission and the Write permission to all certificate templates.
C.    Provide User1 with access to a Key Recovery Agent certificate and a private key.
D.    Assign User1 the Manage CA permission to Server1.

Answer: C

QUESTION 43
Your network contains an Active Directory domain named contoso.com. The domain contains two sites named Site1 and Site2 and two domain controllers named DC1 and DC2. Both domain controllers are located in Site1. You install an additional domain controller named DC3 in Site1 and you ship DC3 to Site2. A technician connects DC3 to Site2. You discover that users in Site2 are authenticated by all three domain controllers. You need to ensure that the users in Site2 are authenticated by DC1 or DC2 only if DC3 is unavailable. What should you do?

A.    From Network Connections, modify the IP address of DC3.
B.    In Active Directory Sites and Services, modify the Query Policy of DC3.
C.    From Active Directory Sites and Services, move DC3.
D.    In Active Directory Users and Computers, configure the insDS-PrimaryComputer attribute for the
users in Site2.

Answer: C
Explanation:
http://social.technet.microsoft.com/wiki/contents/articles/7573.active-directory-certificateservices- pki-keyarchival-and-anagement.aspx#Protecting_Key_Recovery_Agent_Keys

clip_image001[4]

QUESTION 44
Your network contains two Active Directory forests named contoso.com and adatum.com. Contoso.com contains one domain. Adatum.com contains a child domain named child.adatum.com. Contoso.com has a one-way forest trust to adatum.com. Selective authentication is enabled on the forest trust. Several user accounts are migrated from child.adatum.com to adatum.com. Users report that after the migration, they fail to access resources in contoso.com. The users successfully accessed the resources in contoso.com before the accounts were migrated. You need to ensure that the migrated users can access the resources in contoso.com. What should you do?

A.    Replace the existing forest trust with an external trust.
B.    Run netdom and specify the /quarantine attribute.
C.    Disable SID filtering on the existing forest trust.
D.    Disable selective authentication on the existing forest trust.

Answer: C
Explanation:
B. Enables administrators to manage Active Directory domains and trust relationships from the command prompT, /quarantine Sets or clears the domain quarantine C. Need to gran access to the resources in contoso.com
D. Selective authentication over a forest trust restricts access to only those users in a trusted forest who have been explicitly given authentication permissions to computer objects (resource
computers) that reside in the trusting forest
http://technet.microsoft.com/en-us/library/cc755321(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc758152(v=ws.10).aspx

clip_image001[6]

QUESTION 45
You have four servers that run Windows Server 2012 R2. The servers have the Failover Clustering feature installed. You deploy a new cluster named Cluster1. Cluster1 is configured as shown in the following table.

clip_image001[8]
Site2 is a disaster recovery site. Server1, Server2, and Server3 are configured as the preferred owners of the cluster roles. Dynamic quorum management is disabled. You plan to perform hardware maintenance on Server3. You need to ensure that if the WAN link between Site1 and Site2 fails while you are performing maintenance on Server3, the cluster resource will remain available in Site1. What should you do?

A.    Enable dynamic quorum management.
B.    Remove the node vote for Server3.
C.    Add a file share witness in Site1.
D.    Remove the node vote for [C1] Server4 and Server5.

Answer: D
Explanation:
http://msdn.microsoft.com/en-us/library/hh270280.aspx#VotingandNonVotingNodes

clip_image001[10]

QUESTION 46
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server2 that runs Windows Server 2012 R2. You are a member of the local Administrators group on Server2. You install an Active Directory Rights Management Services (AD RMS) root cluster on Server2. You need to ensure that the AD RMS cluster is discoverable automatically by the AD RMS client computers and the users in contoso.com. Which additional configuration settings should you configure?
To answer, select the appropriate tab in the answer area.

clip_image001[12]
Answer:

clip_image001[14]

QUESTION 47
You plan to deploy a failover cluster that will contain two nodes that run Windows Server 2012 R2. You need to configure a witness disk for the failover cluster. How should you configure the witness disk? To answer, drag the appropriate configurations to the correct location or locations. Each configuration may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

clip_image001[16]
Answer:

clip_image002

QUESTION 48
You have a test server named Server1 that is configured to dual-boot between Windows Server 2008 R2 and Windows Server 2012 R2. You start Server1 and you discover that the boot entry for Windows Server 2008 R2 no longer appears on the boot menu. You start Windows Server 2012 R2 on Server1 and you discover the disk configurations shown in the following table.

clip_image001[18]
You need to restore the Windows Server 2008 R2 boot entry on Server1. What should you do?

A.    Run bcdedit.exe and specify the /createstore parameter.
B.    Run bootrec.exe and specify the /scanos parameter.
C.    Run bcdboot.exe d:\windows.
D.    Run bootrec.exe and specify the /rebuildbcd parameter.

Answer: D
Explanation:
A. BCDEdit is a command-line tool for managing BCD stores. It can be used for a variety of purposes, including creating new stores, modifying existing stores, adding boot menu options, /Createstore Creates a new empty boot configuration data store. The created store is not a system store. B. Bootrec.exe tool to troubleshoot “Bootmgr Is Missing” issue. The /ScanOs option scans all disks for installations that are c mpatible with Windows Vista or Windows 7. Additionally, this option displays the entries that are currently not in the BCD store. Use this option when there are Windows Vista or Windows 7 installations that the Boot Manager menu does not list.
C.
D. Bootrec.exe tool to troubleshoot “Bootmgr Is Missing” issue. The /ScanOs option scans all disks for installations that are compatible with Windows Vista or Windows 7. Additionally, this option displays the entries that are currently not in the BCD store. Use this option when there are Windows Vista or Windows 7 installations that the Boot Manager menu does not list.
http://technet.microsoft.com/en-us/library/cc709667(v=ws.10).aspx http://support.microsoft.com/kb/927392/en-us

clip_image001[20]

QUESTION 49
You have a DHCP server named Server1. Server1 has one network adapter. Server1 is located on a subnet named Subnet1. Server1 has scope named Scope1. Scope1 contains IP addresses for the 192.168.1.0/24 network. Your company is migrating the IP addresses on Subnet1 to use a network ID of 10.10.0.0/16. On Server11 you create a scope named Scope2. Scope2 contains IP addresses for the 10.10.0.0/16 network. You need to ensure that clients on Subnet1 can receive IP addresses from either scope. What should you create on Server1?

A.    A multicast scope
B.    A scope
C.    A superscope
D.    A split-scope

Answer: C
Explanation:
A. Multicasting is the sending of network traffic to a group of endpointsdestination hosts. Only those members in the group of endpoints hosts that are listening for the multicast traffic (the multicast group) process the multicast traffic
B. A scope is an administrative grouping of IP addresses for computers on a subnet that use the Dynamic Host Configuration Protocol (DHCP) service. The administrator first creates a scope for each physical subnet and then uses the scope to define the parameters used by clients. C. A superscope is an administrative feature of Dynamic Host Configuration Protocol (DHCP) servers running Windows Server 2008 that you can create and manage by using the DHCP Microsoft Management Console (MMC) snap-in. By using a superscope, you can group multiple scopes as a single administrative entity.
D.
http://technet.microsoft.com/en-us/library/dd759152.aspx http://technet.microsoft.com/en-us/library/dd759218.aspx http://technet.microsoft.com/en-us/library/dd759168.aspx

clip_image001[22]

QUESTION 50
Your network contains an Active Directory domain named adatum.com. The domain contains a domain controller named DC1 that runs Windows Server 2012 R2. On Dc1, you open DNS Manager as shown in the exhibit. (Click the Exhibit button.)

clip_image001[24]
You need to change the zone type of the contoso.com zone from an Active Directory-integrated zone to a standard primary zone. What should you do before you change the zone type?

A.    Unsign the zone.
B.    Modify the Zone Signing Key (ZSK).
C.    Modify the Key Signing Key (KSK).
D.    Change the Key Master.

Answer: A
Explanation:
A. Lock icon indicating that it is currently signed with DNSSEC, zone must be unsignes
B. An authentication key that corresponds to a private key used to sign a zone.
C. The KSK is an authentication key that corresponds to a private key used to sign one or more other signing keys for a given zone. Typically, the private key corresponding to a KSK will sign a ZSK, which in turn has a corresponding private key that will sign other zone data.
D.
http://technet.microsoft.com/en-us/library/hh831411.aspx
http://technet.microsoft.com/en-us/library/ee649132(v=ws.10).aspx

clip_image001[26]

If you want to pass the Microsoft 70-341 Exam sucessfully, recommend to read latest Microsoft 70-341 Dump full version.

Official 2014 Latest Free Microsoft 70-412 Dump Download(31-40)!

QUESTION 31
Your network contains three Active Directory forests. Each forest contains an Active Directory Rights Management Services (AD RMS) root cluster. All of the users in all of the forests must be able to access protected content from any of the forests. You need to identify the minimum number of AD RMS trusts required. How many trusts should you identify?

A.    2
B.    3
C.    4
D.    6

Answer: D

QUESTION 32
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. The domain contains a domain controller named DC1 that is configured as an enterprise root certification authority (CA). All users in the domain are issued a smart card and are required to log on to their domain-joined client computer by using their smart card. A user named User1 resigned and started to work for a competing company. You need to prevent User1 immediately from logging on to any computer in the domain. The solution must not prevent other users from logging on to the domain. Which tool should you use?

A.    Active Directory Sites and Services
B.    Active Directory Administrative Center
C.    Server Manager
D.    Certificate Templates

Answer: B

QUESTION 33
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012 R2. DC1 has the DHCP Server server role installed. DHCP is configured as shown in the exhibit. (Click the Exhibit button.)

clip_image001
You discover that client computers cannot obtain IPv4 addresses from DC1. You need to ensure that the client computers can obtain IPv4 addresses from DC1. What should you do?

A.    Activate the scope.
B.    Authorize DC1.
C.    Disable the Allow filters.
D.    Disable the Deny filters.

Answer: C
Explanation:
There is no items in the deny List. So it means that client computers MAC addresses is not listed in the allow list. So we have to disable the “Allow Filters” http://technet.microsoft.com/en-us/library/ee956897(v=ws.10).aspx

clip_image001[4]

QUESTION 34
Your network contains an Active Directory domain named contoso.com. The domain contains a file server named Server1 and a domain controller named DC1. All servers run Windows Server 2012 R2. A Group Policy object (GPO) named GPO1 is linked to the domain. Server1 contains a folder named Folder1. Folder1 is shared as Share1. You need to ensure that authenticated users can request assistance when they are denied access to the resources on Server1. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

A.    Assign the Read Attributes NTFS permission on Folder1 to the Authenticated Users group.
B.    Install the File Server Resource Manager role service on Server1.
C.    Configure the Customize message for Access Denied errors policy setting of GPO1.
D.    Enable the Enable access-denied assistance on client for all file types policy setting for GPO1.
E.    Install the File Server Resource Manager role service on DC1.

Answer: BD
Explanation:
http://technet.microsoft.com/en-us/library/hh831402.aspx#BKMK_1

QUESTION 35
Your network contains an Active Directory domain named adatum.com. All domain controllers run Windows Server 2008 R2. The domain contains a file server named Server6 that runs Windows Server 2012 R2. Server6 contains a folder named Folder1. Folder1 is shared as Share1. The NTFS permissions on Folder1 are shown in the exhibit. (Click the Exhibit button.)

clip_image001[6]
The domain contains two global groups named Group1 and Group2. You need to ensure that only users who are members of both Group1 and Group2 are denied access to Folder1. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

A.    Remove the Deny permission for Group1 from Folder1.
B.    Deny Group2 permission to Folder1.
C.    Install a domain controller that runs Windows Server 2012 R2.
D.    Create a conditional expression.
E.    Deny Group2 permission to Share1.
F.    Deny Group1 permission to Share1.

Answer: CD
Explanation:
* Conditional Expressions for Permission Entries Windows Server 2008 R2 and Windows 7 enhanced Windows security descriptors by introducing a conditional access permission entry. Windows Server 2012 R2 takes advantage of conditional access permission entries by inserting user claims, device claims, and resource properties, into conditional expressions. Windows Server 2012 R2 security evaluates these expressions and allows or denies access based on results of the evaluation. Securing access to resources through claims is known as claims-based access control. Claims-based access control works with traditional access control to provide an additional layer of authorization that is flexible to the varying needs of the enterprise environment.
http://social.technet.microsoft.com/wiki/contents/articles/14269.introducing-dynamicaccess- control-en-us.aspx

QUESTION 36
Your network contains an Active Directory forest. The forest contains a single domain named contoso.com. The forest contains two Active Directory sites named Main and Branch1. The sites connect to each other by using a site link named Main-Branch1. There are no other site links. Each site contains several domain controllers. All domain controllers run Windows Server 2012 R2. Your company plans to open a new branch site named Branch2. The new site will have a WAN link that connects to the Main site only. The site will contain two domain controllers that run Windows Server 2012 R2. You need to create a new site and a new site link for Branch2. The solution must ensure that the domain controllers in Branch2 only replicate to the domain controllers in Branch1 if all of the domain controllers in Main are unavailable. Which three actions should you perform? To answer, move the three appropriate actions from the list of actions to the answer area and arrange them in the correct order.

clip_image002
Answer:

clip_image002[4]

QUESTION 37
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012 R2. DC1 has the DNS Server server role installed. The network contains client computers that run either Linux, Windows 7, or Windows 8. You have a standard primary zone named adatum.com as shown in the exhibit. (Click the Exhibit button.)

clip_image001[8]
You plan to configure Name Protection on all of the DHCP servers. You need to configure the adatum.com zone to support Name Protection. Which two configurations should you perform from DNS Manager? (Each correct answer presents part of the solution. Choose two.)

A.    Sign the zone.
B.    Store the zone in Active Directory.
C.    Modify the Security settings of the zone.
D.    Configure Dynamic updates.

Answer: BD
Explanation:
http://technet.microsoft.com/en-us/library/ee941152(v=ws.10).aspx

clip_image001[10]

clip_image001[12]

QUESTION 38
Your network contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 and Server2 have the Hyper-V server role installed. Server1 and Server2 are configured as Hyper-V replicas of each other. Server1 hosts a virtual machine named VM1. VM1 is replicated to Server2. You need to verify whether the replica of VM1 on Server2 is functional. The solution must ensure that VM1 remains accessible to clients. What should you do from Hyper-V Manager?

A.    On Server1, execute a Planned Failover.
B.    On Server1, execute a Test Failover.
C.    On Server2, execute a Planned Failover.
D.    On Server2, execute a Test Failover.

Answer: D
Explanation:
A. Server 1 is houses VM1 and it is replicated to Server2 – wrong server to failover and this is not a planned fail over case
B. Wrong server correct failover type
C. Wrong server, wrong failover type
D. Right server and failover type
http://blogs.technet.com/b/virtualization/archive/2012/07/31/types-of-failover-operations-inhyper- v-replica-partii-planned-failover.aspx
http://blogs.technet.com/b/virtualization/archive/2012/07/26/types-of-failover-operations-inhyper- v-replica.aspx

QUESTION 39
You have a failover cluster named Cluster1 that contains four nodes. All of the nodes run Windows Server 2012 R2. You need to force every node in Cluster1 to contact immediately the Windows Server Update Services (WSUS) server on your network for updates. Which tool should you use?

A.    The Add-CauClusterRole cmdlet
B.    The Wuauclt command
C.    The Wusa command
D.    The Invoke-CauScan cmdlet

Answer: D
Explanation:
A. Adds the Cluster-Aware Updating (CAU) clustered role that provides the self-updating functionality to the specified cluster.
B. the wuauclt utility allows you some control over the functioning of the Windows Update Agent C. The Wusa.exe file is in the %windir%\System32 folder. The Windows Update Standalone Installer uses the Windows Update Agent API to install update packages. Update packages have an .msu file name extension. The .msu file name extension is associated with the Windows Update Standalone Installer.
D. Performs a scan of cluster nodes for applicable updates and returns a list of the initial set of updates that would be applied to each node in a specified cluster. http://technet.microsoft.com/en-us/library/hh847235(v=wps.620).aspx http://technet.microsoft.com/en-us/library/cc720477(v=ws.10).aspx http://support.microsoft.com/kb/934307
http://technet.microsoft.com/en-us/library/hh847228(v=wps.620).aspx

clip_image001[14]

QUESTION 40
Your network contains an Active Directory domain named contoso.com. The network contains a file server named Server1 that runs Windows Server 2012 R2. You are configuring a central access policy for temporary employees. You enable the Department resource property and assign the property a suggested value of Temp. You need to configure a target resource condition for the central access rule that is scoped to resources assigned to Temp only. Which condition should you use?

A.    (Temp.Resource Equals “Department”)
B.    (Resource.Temp Equals “Department”)
C.    (Resource.Department Equals “Temp”)
D.    (Department.Value Equals “Temp”)

Answer: C
Explanation:
http://technet.microsoft.com/fr-fr/library/hh846167.aspx

clip_image001[16]

If you want to pass the Microsoft 70-341 Exam sucessfully, recommend to read latest Microsoft 70-341 Dump full version.

Official 2014 Latest Free Microsoft 70-412 Dump Download(21-30)!

QUESTION 21
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2 that run Windows Server 2012 R2. Both servers have the Hyper-V server role installed. The network contains an enterprise certification authority (CA). All servers are enrolled automatically for a certificate-based on the Computer certificate template. On Server1, you have a virtual machine named VM1. VM1 is replicated to Server2. You need to encrypt the replication of VM1. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

A.    On Server1, modify the settings of VM1.
B.    On Server2, modify the settings of VM1.
C.    On Server2, modify the Hyper-V Settings.
D.    On Server1, modify the Hyper-V Settings.
E.    On Server1, modify the settings of the virtual switch to which VM1 is connected.
F.    On Server2, modify the settings of the virtual switch to which VM1 is connected.

Answer: AC
Explanation:
Answer is A and C, not A and F. Virtual Switch has nothing to do with this scenario based many sites I’ve visited even TechNet. And added a couple examples with Enterprise CA as well.
C. – Is Server 2, modify settings of Hyper-V=>Replica Server. then all the Encryption Reqs. TCP-443/SSL.

QUESTION 22
Your network contains an Active Directory domain named contoso.com. The domain contains a file server named Server1 that runs Windows Server 2012 R2. You create a user account named User1 in the domain. You need to ensure that User1 can use Windows Server Backup to back up Server1. The solution must minimize the number of administrative rights assigned to User1. What should you do?

A.    Add User1 to the Backup Operators group.
B.    Add User1 to the Power Users group.
C.    Assign User1 the Backup files and directories user right and the Restore files and directories user right.
D.    Assign User1 the Backup files and directories user right.

Answer: D
Explanation:
Backup Operators have these permissions by default:

clip_image001
However the question explicitly says we need to minimize administrative rights. Since the requirement is for backing up the data only–no requirement to restore or shutdown–then assigning the “Back up files and directories user right” would be the correct answer.

clip_image001[4]

QUESTION 23
You have a server named Server1 that runs Windows Server 2012 R2 and is used for testing. A developer at your company creates and installs an unsigned kernel-mode driver on Server1. The developer reports that Server1 will no longer start. You need to ensure that the developer can test the new driver. The solution must minimize the amount of data loss. Which Advanced Boot Option should you select?

A.    Disable Driver Signature Enforcement
B.    Disable automatic restart on system failure
C.    Last Know Good Configuration (advanced)
D.    Repair Your Computer

Answer: A
Explanation:
A. By default, 64-bit versions of Windows Vista and later versions of Windows will load a kernel- mode driver only if the kernel can verify the driver signature. However, this default behavior can be disabled to facilitate early driver development and non-automated testing. B. specifies that Windows automatically restarts your computer when a failure occurs C. Developer would not be able to test the driver as needed D. Removes or repairs critical windows files, Developer would not be able to test the driver as needed and some file loss
http://technet.microsoft.com/en-us/library/jj134246.aspx
http://msdn.microsoft.com/en-us/library/windows/hardware/ff547565(v=vs.85).aspx

clip_image001[6]

QUESTION 24
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. Server1 and Server2 have the Failover Clustering feature installed. The servers are configured as nodes in a failover cluster named Cluster1. You add two additional nodes to Cluster1. You need to ensure that Cluster1 stops running if three nodes fail. What should you configure?

A.    Affinity-None
B.    Affinity-Single
C.    The cluster quorum settings
D.    The failover settings
E.    A file server for general use
F.    The Handling priority
G.    The host priority
H.    Live migration
I.    The possible owner
J.    The preferred owner
K.    Quick migration
L.    The Scale-Out File Server

Answer: C

QUESTION 25
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. Server1 and Server2 have the Failover Clustering feature installed. The servers are configured as nodes in a failover cluster named Cluster1. You add two additional nodes in Cluster1. You have a folder named Folder1 on Server1 that hosts application data. Folder1 is a folder target in a Distributed File System (DFS) namespace. You need to provide highly available access to Folder1. The solution must support DFS Replication to Folder1. What should you configure?

A.    Affinity-None
B.    Affinity-Single
C.    The cluster quorum settings
D.    The failover settings
E.    A file server for general use
F.    The Handling priority
G.    The host priority
H.    Live migration
I.    The possible owner
J.    The preferred owner
K.    Quick migration
L.    The Scale-Out File Server

Answer: E

QUESTION 26
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. Server1 and Server2 have the Network Load Balancing (NLB) feature installed. The servers are configured as nodes in an NLB cluster named Cluster1. Port rules are configured for all clustered applications. You need to ensure that Server2 handles all client requests to the cluster that are NOT covered by a port rule. What should you configure?

A.    Affinity-None
B.    Affinity-Single
C.    The cluster quorum settings
D.    The failover settings
E.    A file server for general use
F.    The Handling priority
G.    The host priority
H.    Live migration
I.    The possible owner
J.    The preferred owner
K.    Quick migration
L.    The Scale-Out File Server

Answer: G
Explanation:
http://technet.microsoft.com/en-us/library/bb742455.aspx

clip_image001[8]

QUESTION 27
Your network contains an Active Directory domain named contoso.com. A previous administrator implemented a Proof of Concept installation of Active Directory Rights Management Services (AD RMS). After the proof of concept was complete, the Active Directory Rights Management Services server role was removed. You attempt to deploy AD RMS. During the configuration of AD RMS, you receive an error message indicating that an existing AD RMS Service Connection Point (SCP) was found. You need to remove the existing AD RMS SCP. Which tool should you use?

A.    ADSI Edit
B.    Active Directory Users and Computers
C.    Active Directory Domains and Trusts
D.    Active Directory Sites and Services
E.    Services
F.    Authorization Manager
G.    TPM Management
H.    Certification Authority

Answer: AD
Explanation:
http://technet.microsoft.com/en-us/library/jj835767(v=ws.10).aspx

clip_image001[10]

clip_image001[12]

clip_image001[14]

QUESTION 28
Your network contains an Active Directory forest. The forest contains two domains named contoso.com and fabrikam.com. The functional level of the forest is Windows Server 2003. You have a domain outside the forest named adatum.com. You need to configure an access solution to meet the following requirements:
– Users in adatum.com must be able to access resources in contoso.com.
– Users in adatum.com must be prevented from accessing resources in fabrikam.com.
– Users in both contoso.com and fabrikam.com must be prevented from accessing resources in adatum.com.
What should you create?

A.    a one-way realm trust from contoso.com to adatum.com
B.    a one-way realm trust from adatum.com to contoso.com
C.    a one-way external trust from contoso.com to adatum.com
D.    a one-way external trust from adatum.com to contoso.com

Answer: C
Explanation:
domain names were changed, so understand the question well
You need to make trust relationship where domain contoso.com trusts adatum.com.
http://technet.microsoft.com/en-us/library/cc728024(v=ws.10).aspx

clip_image002

QUESTION 29
Your network contains an Active Directory domain named contoso.com. The domain contains a main office and a branch office. An Active Directory site exists for each office. All domain controllers run Windows Server 2012 R2. The domain contains two domain controllers. DC1 hosts an Active Directory- integrated zone for contoso.com. You add the DNS Server server role to DC2. You discover that the contoso.com DNS zone fails to replicate to DC2. You verify that the domain, schema, and configuration naming contexts replicate from DC1 to DC2. You need to ensure that DC2 replicates the contoso.com zone by using Active Directory replication. Which tool should you use?

A.    Dnscmd
B.    Dnslint
C.    Repadmin
D.    Ntdsutil
E.    DNS Manager
F.    Active Directory Sites and Services
G.    Active Directory Domains and Trusts
H.    Active Directory Users and Computers

Answer: F
Explanation:
http://technet.microsoft.com/en-us/library/cc739941(v=ws.10).aspx
If you see question about AD Replication, First preference is AD sites and services, then Repadmin and then DNSLINT.

QUESTION 30
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. The domain contains a domain controller named DC1 that is configured as an enterprise root certification authority (CA). All users in the domain are issued a smart card and are required to log on to their domain-joined client computer by using their smart card. A user named User1 resigned and started to work for a competing company. You need to prevent User1 immediately from logging on to any computer in the domain. The solution must not prevent other users from logging on to the domain. Which tool should you use?

A.    Active Directory Administrative Center
B.    Active Directory Sites and Services
C.    Active Directory Users and Computers
D.    the Certification Authority console
E.    the Certificates snap-in
F.    Certificate Templates
G.    Server Manager
H.    the Security Configuration Wizard

Answer: AC
Explanation:
A. ADAC – Active Directory Administrative Center used to manage users/computers C. ADUC – Active Directory Users and Computers used to manage users/Computers.
http://technet.microsoft.com/en-us/library/dd560651(v=ws.10).aspx http://technet.microsoft.com/en-us/library/aa997340(v=exchg.65).aspx

If you want to pass the Microsoft 70-341 Exam sucessfully, recommend to read latest Microsoft 70-341 Dump full version.

Official 2014 Latest Free Microsoft 70-412 Dump Download(11-20)!

QUESTION 11
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 and a member server named Server1. Server1 has the IP Address Management (IPAM) Server feature installed. On Dc1, you configure Windows Firewall to allow all of the necessary inbound ports for IPAM. On Server1, you open Server Manager as shown in the exhibit. (Click the Exhibit button.)

clip_image002
You need to ensure that you can use IPAM on Server1 to manage DNS on DC1. What should you do?

A.    Modify the outbound firewall rules on Server1.
B.    Modify the inbound firewall rules on Server1.
C.    Add Server1 to the Remote Management Users group.
D.    Add Server1 to the Event Log Readers group.

Answer: D
Explanation:
Since no exhibit, the guess here is it’s not using the GPO to manage the Event Log Readers group– evidenced by the fact that the firewall was configured manually instead of with the GPO. If the GPO was being used then the IPAM server would be in the Event Log Readers group due to restricted group settings in the GPO as shown below:

clip_image002[4]
In the above example, the IPAM server is as member of the VDI\IPAMUG group.
http://technet.microsoft.com/en-us/library/jj878313.aspx

clip_image001

QUESTION 12
Your network contains an Active Directory domain named contoso.com. The domain contains servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 has the IP Address Management (IPAM) Server feature installed. You install the IPAM client on Server2. You open Server Manager on Server2 as shown in the exhibit. (Click the Exhibit button.)

clip_image002[6]
You need to manage IPAM from Server2. What should you do first?

A.    On Server1, add the Server2 computer account to the IPAM MSM Administrators group.
B.    On Server2, open Computer Management and connect to Server1.
C.    On Server2, add Server1 to Server Manager.
D.    On Server1, add the Server2 computer account to the IPAM ASM Administrators group.

Answer: C
Explanation:
http://technet.microsoft.com/en-us/library/hh831453.aspx

clip_image002[8]

QUESTION 13
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named Dc1. DC1 has the DNS Server server role installed. The network has two sites named Site1 and Site2. Site1 uses 10.10.0.0/16 IP addresses and Site2 uses 10.11.0.0/16 IP addresses. All computers use DC1 as their DNS server. The domain contains four servers named Server1, Server2, Server3, and Server4. All of the servers run a service named Service1. DNS host records are configured as shown in the exhibit. (Click the Exhibit button.)

clip_image001[4]
You discover that computers from the 10.10.1.0/24 network always resolve Service1 to the [P address of Server1. You need to configure DNS on DC1 to distribute computers in Site1 between Server1 and Server2 when the computers attempt to resolve Service1. What should run on DC1?

A.    dnscmd /config /bindsecondaries 1
B.    dnscmd /config /localnetpriority 0
C.    dnscmd /config /localnetprioritynetmask 0x0000ffff
D.    dnscmd /config /roundrobin 0

Answer: C
Explanation:
A. Specifies use of fast transfer format used by legacy Berkeley Internet Name Domain (BIND) servers. 1 enables
B. Disables netmask ordering.
C. You can use the Dnscmd /Config /LocalNetPriorityNetMask 0x0000FFFF command to use class B ( or 16 bit) for netmask ordering for DNS round robin
D. Disables round robin rotation.
http://technet.microsoft.com/en-us/library/cc737355(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc738473(v=ws.10).aspx http://support.microsoft.com/kb/842197
http://technet.microsoft.com/en-us/library/cc779169(v=ws.10).aspx

QUESTION 14
Your network contains an Active Directory domain named contoso.com. The domain contains a main office and a branch office. An Active Directory site exists for each office. The domain contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Both servers have the DHCP Server server role installed. Server1 is located in the main office site. Server2 is located in the branch office site. Server1 provides IPv4 addresses to the client computers in the main office site. Server2 provides IPv4 addresses to the client computers in the branch office site. You need to ensure that if either Server1 or Server2 are offline, the client computers can still obtain IPv4 addresses.
The solution must meet the following requirements:
– The storage location of the DHCP databases must not be a single point of failure.
– Server1 must provide IPv4 addresses to the client computers in the branch office site only if Server2 is offline.
– Server2 must provide IPv4 addresses to the client computers in the main office site only if Server1 is offline.
Which configuration should you use?

A.    load sharing mode failover partners
B.    a failover cluster
C.    hot standby mode failover partners
D.    a Network Load Balancing (NLB) cluster

Answer: C
Explanation:
A. The load sharing mode of operation is best suited to deployments where both servers in a failover relationship are located at the same physical site.
B. Hot standby mode of operation is best suited to deployments where a central office or data center server acts as a standby backup server to a server at a remote site, which is local to the DHCP clients
C. Needs to be a DHCP Failover option
D. Needs to be a DHCP Failover option
http://technet.microsoft.com/en-us/library/hh831385.aspx http://blogs.technet.com/b/teamdhcp/archive/2012/09/03/dhcp-failover-hot-standbymode.aspx

clip_image001[6]

QUESTION 15
You have a DHCP server named Server1. Server1 has an IP address 192.168.1.2 is located on a subnet that has a network ID of 192.168.1.0/24. On Server1, you create the scopes shown in the following table.

clip_image001[8]
You need to ensure that Server1 can assign IP addresses from both scopes to the DHCP clients on the local subnet. What should you create on Server1?

A.    A scope
B.    A superscope
C.    A split-scope
D.    A multicast scope

Answer: B
Explanation:
A. A scope is an administrative grouping of IP addresses for computers on a subnet that use the Dynamic Host Configuration Protocol (DHCP) service. The administrator first creates a scope for each physical subnet and then uses the scope to define the parameters used by clients.
B. A superscope is an administrative feature of Dynamic Host Configuration Protocol (DHCP) servers running Windows Server 2008 that you can create and manage by using the DHCP Microsoft Management Console (MMC) snap-in. By using a superscope, you can group multiple scopes as a single administrative entity.
D. Multicasting is the sending of network traffic to a group of endpointsdestination hosts. Only those members in the group of endpoints hosts that are listening for the multicast traffic (the multicast group) process the multicast traffic http://technet.microsoft.com/en-us/library/dd759168.aspx http://technet.microsoft.com/en-us/library/dd759152.aspx

clip_image001[10]

QUESTION 16
Your network contains servers that run Windows Server 2012 R2. The network contains a large number of iSCSI storage locations and iSCSI clients. You need to deploy a central repository that can discover and list iSCSI resources on the network automatically. Which feature should you deploy?

A.    the Windows Standards-Based Storage Management feature
B.    the iSCSI Target Server role service
C.    the iSCSI Target Storage Provider feature
D.    the iSNS Server service feature

Answer: D
Explanation:
A. Windows Server 2012 R2 enables storage management that is comprehensive and fully scriptable, and administrators can manage it remotely. A WMI-based interface provides a single mechanism through which to manage all storage, including non-Microsoft intelligent storage subsystems and virtualized local storage (known as Storage Spaces). Additionally, management applications can use a single Windows API to manage different storage types by using standards-based protocols such as Storage Management Initiative Specification (SMI-S).
B. Targets are created in order to manage the connections between an iSCSI device and the servers that need to access it. A target defines the portals (IP addresses) that can be used to connect to the iSCSI device, as well as the security settings (if any) that the iSCSI device requires in order to authenticate the servers that are requesting access to its resources. C. iSCSI Target Storage Provider enables applications on a server that is connected to an iSCSI target to perform volume shadow copies of data on iSCSI virtual disks. It also enables you to manage iSCSI virtual disks by using older applications that require a Virtual Disk Service (VDS) hardware provider, such as the Diskraid command.
D. The Internet Storage Name Service (iSNS) protocol is used for interaction between iSNS servers and iSNS clients. iSNS clients are computers, also known as initiators, that are attempting to discover storage devices, also known as targets, on an Ethernet network.
http://technet.microsoft.com/en-us/library/cc726015.aspx
http://technet.microsoft.com/en-us/library/cc772568.aspx

clip_image001[12]

QUESTION 17
Your network contains an Active Directory domain named contoso.com. The domain contains a file server named Server1. All servers run Windows Server 2012 R2. All domain user accounts have the Division attribute automatically populated as part of the user provisioning process. The Support for Dynamic Access Control and Kerberos armoring policy is enabled for the domain. You need to control access to the file shares on Server1 based on the values in the Division attribute and the Division resource property. Which three actions should you perform in sequence?

clip_image002[10]
Answer:

clip_image001[14]
Explanation:
First create a claim type for the property, then create a reference resource property that points back to the claim. Finally set the classification value on the folder

QUESTION 18
Your network contains two Active Directory forests named contoso.com and fabrikam.com. The contoso.com forest contains two domains named corp.contoso.com and contoso.com. You establish a two-way forest trust between contoso.com and fabrikam.com. Users from the corp.contoso.com domain report that they cannot log on to client computers in the fabrikam.com domain by using their corp.contoso.com user account. When they try to log on, they receive following error message:
“The computer you are signing into is protected by an authentication firewall. The specified account is not allowed to authenticate to the computer.” Corp.contoso.com users can log on successfully to client computers in the contoso.com domain by using their corp.contoso.com user account credentials. You need to allow users from the corp.contoso.com domain to log on to the client computers in the fabrikam.com forest. What should you do?

A.    Configure Windows Firewall with Advanced Security.
B.    Enable SID history.
C.    Configure forest-wide authentication.
D.    Instruct the users to log on by using a user principal name (UPN).

Answer: C
Explanation:
C. The forest-wide authentication setting permits unrestricted access by any users in the trusted forest to all available shared resources in any of the domains in the trusting forest.
http://technet.microsoft.com/en-us/library/cc785875(v=ws.10).aspx

clip_image001[16]

QUESTION 19
Your network contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Both servers have the Hyper-V server role installed. The servers have the hardware configurations shown in the following table.

clip_image001[18]
Server1 hosts five virtual machines that run Windows Server 2012 R2. You need to move the virtual machines from Server1 to Server2. The solution must minimize downtime. What should you do for each virtual machine?

A.    Export the virtual machines from Server1 and import the virtual machines to Server2.
B.    Perform a live migration.
C.    Perform a quick migration.
D.    Perform a storage migration.

Answer: A
Explanation:
None of these migration options will work between different Processors ( AMD/Intel). The only option remaining is to export and re-import the VMs

QUESTION 20
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2. Both servers have the Hyper-V server role installed. You plan to replicate virtual machines between Server1 and Server2. The replication will be encrypted by using Secure Sockets Layer (SSL). You need to request a certificate on Server1 to ensure that the virtual machine replication is encrypted. Which two intended purposes should the certificate for Server1 contain? (Each correct answer presents part of the solution. Choose two.)

A.    Client Authentication
B.    Kernel Mode Code Signing
C.    Server Authentication
D.    IP Security end system
E.    KDC Authentication

Answer: AC
Explanation:
http://blogs.technet.com/b/virtualization/archive/2012/03/13/hyper-v-replica-certificate- requirements.aspx

clip_image002[12]

If you want to pass the Microsoft 70-341 Exam sucessfully, recommend to read latest Microsoft 70-341 Dump full version.

Official 2014 Latest Free Microsoft 70-412 Dump Download(1-10)!

QUESTION 1
Your network contains an Active Directory domain named adatum.com. The domain contains two domain controllers that run Windows Server 2012 R2. The domain controllers are configured as shown in the following table.

clip_image001
You log on to DC1 by using a user account that is a member of the Domain Admins group, and then you create a new user account named User1. You need to prepopulate the password for User1 on DC2. What should you do first?

A.    Connect to DC2 from Active Directory Users and Computers.
B.    Add DC2 to the Allowed RODC Password Replication Policy group.
C.    Add the User1 account to the Allowed RODC Password Replication Policy group.
D.    Run Active Directory Users and Computers as a member of the Enterprise Admins group.

Answer: C
Explanation:
http://technet.microsoft.com/en-us/library/cc730883(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc753470(v=ws.10).aspx#BKMK_pre

clip_image001[4]

QUESTION 2
Your company has offices in Montreal, New York, and Amsterdam. The network contains an Active Directory forest named contoso.com. An Active Directory site exists for each office. All of the sites connect to each other by using the DEFAULTIPSITELINK site link. You need to ensure that only between 20:00 and 08:00, the domain controllers in the Montreal office replicate the Active Directory changes to the domain controllers in the Amsterdam office. The solution must ensure that the domain controllers in the Montreal and the New York offices can replicate the Active Directory changes any time of day. What should you do?

A.    Create a new site link that contains Montreal and Amsterdam.
Remove Amsterdam from DEFAULTIPSITELINK.
Modify the schedule of DEFAULTIPSITELINK.
B.    Create a new site link that contains Montreal and Amsterdam.
Create a new site link bridge.
Modify the schedule of DEFAU LTIPSITELINK.
C.    Create a new site link that contains Montreal and Amsterdam.
Remove Amsterdam from DEFAULTIPSITELINK.
Modify the schedule of the new site link.
D.    Create a new site link that contains Montreal and Amsterdam.
Create a new site link bridge.
Modify the schedule of the new site link.

Answer: C
Explanation:
Very Smartly reworded with same 3 offices. In the exam correct answer is “Create a new site link that contains Newyork to Montreal.
Remove Montreal from DEFAULTIPSITELINK.Modify the schedule of the new site link”.
http://technet.microsoft.com/en-us/library/cc755994(v=ws.10).aspx

QUESTION 3
Your network contains two Active Directory forests named contoso.com and adatum.com. A two- way forest trust exists between the forests. The contoso.com forest contains an enterprise certification authority (CA) named Server1. You implement cross-forest certificate enrollment between the contoso.com forest and the adatum.com forest. On Server1, you create a new certificate template named Template1. You need to ensure that users in the adatum.com forest can request certificates that are based on Template1. Which tool should you use?

A.    DumpADO.ps1
B.    Repadmin
C.    Add-CATemplate
D.    Certutil
E.    PKISync.ps1

Answer: E
Explanation:
B. Repadmin.exe helps administrators diagnose Active Directory replication problems between domain controllers running Microsoft Windows operating systems.
C. Adds a certificate template to the CA.
D. Use Certutil.exe to dump and display certification authority (CA) configuration information, configure Certificate Services, backup and restore CA components, and verify certificates, key pairs, and certificate chains.
E. PKISync.ps1 copies objects in the source forest to the target forest
http://technet.microsoft.com/en-us/library/ff955845(v=ws.10).aspx#BKMK_Consolidating http://technet.microsoft.com/en-us/library/cc770963(v=ws.10).aspx http://technet.microsoft.com/en-us/library/hh848372.aspx http://technet.microsoft.com/library/cc732443.aspx
http://technet.microsoft.com/en-us/library/ff961506(v=ws.10).aspx

clip_image001[6]

QUESTION 4
You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the Windows Deployment Services server role installed. You back up Server1 each day by using Windows Server Backup. The disk array on Server1 fails. You replace the disk array. You need to restore Server1 as quickly as possible. What should you do?

A.    Start Server1 from the Windows Server 2012 R2 installation media.
B.    Start Server1and press F8.
C.    Start Server1 and press Shift+F8.
D.    Start Server1 by using the PXE.

Answer: A
Explanation:
A. Recovery of the OS uses the Windows Setup Disc
http://technet.microsoft.com/en-us/library/cc753920.aspx http://www.windowsnetworking.com/articles_tutorials/Restoring-Windows-Server-BareMetal.html

QUESTION 5
Your network contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Both servers have the Hyper-V server role installed. Server1 and Server2 are located in different offices. The offices connect to each other by using a high-latency WAN link. Server2 hosts a virtual machine named VM1. You need to ensure that you can start VM1 on Server1 if Server2 fails. The solution must minimize hardware costs. What should you do?

A.    On Server1, install the Multipath I/O (MPIO) feature.
Modify the storage location of the VHDs for VM1.
B.    From the Hyper-V Settings of Server2, modify the Replication Configuration settings.
Enable replication for VM1.
C.    On Server2, install the Multipath I/O (MPIO) feature.
Modify the storage location of the VHDs for VM1.
D.    From the Hyper-V Settings of Server1, modify the Replication Configuration settings.
Enable replication for VM1.

Answer: D
Explanation:
You first have to enable replication on the Replica server–Server1–by going to the server and modifying the “Replication Configuration” settings under Hyper-V settings. You then go to VM1– which presides on Server2– and run the “Enable Replication” wizard on VM1.

clip_image002

clip_image002[4]

QUESTION 6
You have a server named Server1 that runs Windows Server 2012 R2. You modify the properties of a system driver and you restart Server1. You discover that Server1 continuously restarts without starting Windows Server 2012 R2. You need to start Windows Server 2012 R2 on Server1 in the least amount of time. The solution must minimize the amount of data loss. Which Advanced Boot Option should you select?

A.    Last Know Good Configuration (advanced)
B.    Repair Your Computer
C.    Disable automatic restart on system failure
D.    Disable Driver Signature Enforcement

Answer: A
Explanation:
http://windows.microsoft.com/en-ph/windows-vista/using-last-known-good-configuration

clip_image001[8]

QUESTION 7
Your network contains an Active Directory domain named contoso.com. The domain contains three servers named Server1, Server2, and Server3 that run Windows Server 2012 R2. All three servers have the Hyper-V server role installed and the Failover Clustering feature installed. Server1 and Server2 are nodes in a failover cluster named Cluster1. Several highly available virtual machines run on Cluster1. Cluster1 has the Hyper-V Replica Broker role installed. The Hyper-V Replica Broker currently runs on Server1. Server3 currently has no virtual machines. You need to configure Cluster1 to be a replica server for Server3 and Server3 to be a replica server for Cluster1. Which two tools should you use? (Each correct answer presents part of the solution. Choose two.)

A.    The Hyper-V Manager console connected to Server3
B.    The Failover Cluster Manager console connected to Server3
C.    The Hyper-V Manager console connected to Server1.
D.    The Failover Cluster Manager console connected to Cluster1
E.    The Hyper-V Manager console connected to Server2

Answer: AD
Explanation:
http://technet.microsoft.com/en-us/library/jj134240.aspx

clip_image002[6]

clip_image001[10]

QUESTION 8
You have a file server named Server1 that runs Windows Server 2012 R2. The folders on Server1 are configured as shown in the following table.

clip_image001[12]
A new corporate policy states that backups must use Microsoft Online Backup whenever possible. You need to identify which technology you must use to back up Server1. The solution must use Microsoft Online Backup whenever What should you identify? To answer, drag the appropriate backup type to the correct location or locations. Each backup type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

clip_image002[8]
Answer:

clip_image001[14]
Explanation:
http://technet.microsoft.com/en-us/library/hh831761.aspx

clip_image002[10]

 

QUESTION 9
You have a DNS server named Server1 that runs Windows Server 2012 R2. Server1 has a signed zone for contoso.com. You need to configure DNS clients to perform DNSSEC validation for the contoso.com DNS domain. What should you configure?

A.    The Network Connection settings
B.    A Name Resolution Policy
C.    The Network Location settings
D.    The DNS Client settings

Answer: B
Explanation:
B. In a DNSSEC deployment, validation of DNS queries by client computers is enabled through configuration of IPSEC & NRPT
http://technet.microsoft.com/en-us/library/ee649182(v=ws.10).aspx http://technet.microsoft.com/en-us/library/ee649136(v=ws.10).aspx

clip_image001[16]

QUESTION 10
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012 R2. On Dc1, you open DNS Manager as shown in the exhibit. (Click the Exhibit button.)

clip_image001[18]
You need to change the replication scope of the contoso.com zone. What should you do before you change the replication scope?

A.    Modify the Zone Transfers settings.
B.    Add DC1 to the Name Servers list.
C.    Add your user account to the Security settings of the zone.
D.    Unsign the zone.

Answer: D
Explanation:
D. Lock icon signifies that the Zone has been signed. Changes to the zone are blocked when signed http://www.microsoft.com/en-us/download/dlx/ThankYou.aspx?id=29018

clip_image001[20]

 

If you want to pass the Microsoft 70-412 Exam sucessfully, recommend to read latest Microsoft 70-412 Dump full version.

Pages: 1 2 ... 241 242 243 244 245 246 247 248