[FREE UPDATED QUESTIONS] Download Free Microsoft 70-417 Tests Questions and Answers From Braindump2go – 100% Success On Microsoft 70-417 (51-60)
All Latest Updated Questions and Answers in Braindump2go 70-417 Exam Dumps will not take you a lot of time to comprehend and you can easily cover up the entire Microsoft 70-417 syllabus for your examination.Download Braindump2go Free 70-417 Sample Questions Now, Pass 70-417 Exam in advance!
Vendor: Microsoft
Exam Code: 70-417
Exam Name: Upgrading Your Skills to MCSA Windows Server 2012 R2 Exam
QUESTION 51
Hotspot Question
You have a server named Server1 that runs Windows Server 2012 R2.
The volumes on Server1 are configured as shown in the following table.
A new corporate policy states that backups must use Windows Azure Backup whenever possible.
You need to identify which backup methods you must use to back up Server1.
The solution must use Windows Azure Backup whenever possible.
Which backup type should you identify for each volume? To answer, select the appropriate backup type for each volume in the answer area.
Answer:
QUESTION 52
Your network contains an Active Directory domain named contoso.com.
All domain controllers run Windows Server 2012 R2.
An organizational unit (OU) named OU1 contains 200 client computers that run Windows 8 Enterprise. A Group Policy object (GPO) named GPO1 is linked to OU1.
You make a change to GPO1.
You need to force all of the computers in OU1 to refresh their Group Policy settings immediately. The solution must minimize administrative effort.
Which tool should you use?
A. The Secedit command
B. The Invoke-GpUpdatecmdlet
C. Group Policy Object Editor
D. Server Manager
Answer: B
QUESTION 53
Your network contains an Active Directory domain named contoso.com.
The domain contains a member server named Server1 that has the Active Directory Federation Services server role installed. All servers run Windows Server 2012.
You complete the Active Directory Federation Services Configuration Wizard on Server1.
You need to ensure that client devices on the internal network can use Workplace Join.
Which two actions should you perform on Server1? (Each correct answer presents part of the solution. Choose two.)
A. Run Enable AdfsDeviceRegistration -PrepareActiveDirectory.
B. Edit the multi-factor authentication global authentication policy settings.
C. Edit the primary authentication global authentication policy settings.
D. Run Set-AdfsProxyPropertiesHttpPort 80.
E. Run Enable-AdfsDeviceRegistration.
Answer: CE
Explanation/:
* To enable Device Registration Service
On your federation server, open a Windows PowerShell command window and type:
Enable-AdfsDeviceRegistration
Repeat this step on each federation farm node in your AD FS farm..
Enable seamless second factor authentication
Seamless second factor authentication is an enhancement in AD FS that provides an added level of access protection to corporate resources and applications from external devices that are trying to access them. When a personal device is Workplace Joined, it becomes a `known’ device and administrators can use this information to drive conditional access and gate access to resources.
To enable seamless second factor authentication, persistent single sign-on (SSO) and conditional access for Workplace Joined devices
In the AD FS Management console, navigate to Authentication Policies.
Select Edit Global Primary Authentication.
Select the check box next to Enable Device Authentication, and then click OK.
QUESTION 54
Your company deploys a new Active Directory forest named contoso.com. The first domain controller in the forest runs Windows Server 2012 R2. The forest contains a domain controller named DC10.
On DC10, the disk that contains the SYSVOL folder fails.
You replace the failed disk.
You stop the Distributed File System (DFS) Replication service.
You restore the SYSVOL folder.
You need to perform a non-authoritative synchronization of SYSVOL on DC10.
Which tool should you use before you start the DFS Replication service on DC10?
A. Active Directory Sites and Services
B. Ultrasound
C. Adsiedit.msc
D. Frsutil
Answer: C
Explanation:
How to perform a non-authoritative synchronization of DFSR-replicated SYSVOL
(like “D2” for FRS)
1. In the ADSIEDIT.MSC tool modify the following distinguished name (DN) value and attribute on each of the domain controllers that you want to make non- authoritative:CN=SYSVOL Subscription,CN=Domain System Volume,CN=DFSR- LocalSettings,CN=<the server name>,OU=Domain Controllers,DC=<domain>msDFSR- Enabled=FALSE
2. Force Active Directory replication throughout the domain.
Etc
QUESTION 55
Drag and Drop Question
Your network contains an Active Directory domain named contoso.com.
You need to ensure that third-party devices can use Workplace Join to access domain resources on the Internet.
Which four actions should you perform in sequence? To answer, move the appropriate four actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
QUESTION 56
Your network contains two servers named HV1 and HV2.
Both servers run Windows Server 2012 R2 and have the Hyper-V server role installed.
HV1 hosts 25 virtual machines. The virtual machine configuration files and the virtual hard disks are stored in D:\VM.
You shut down all of the virtual machines on HV1.
You copy D:\VM to D:\VM on HV2.
You need to start all of the virtual machines on HV2.
You want to achieve this goal by using the minimum amount of administrative effort.
What should you do?
A. From HV1, export all virtual machines to D:\VM.
Copy D:\VM to D:\VM on HV2 and overwrite the existing files.
On HV2, run the New Virtual Machine wizard.
B. From HV1, export all virtual machines to D:\VM.
Copy D:\VM to D:\VM on HV2 and overwrite the existing files.
On HV2, run the Import Virtual Machine wizard.
C. Run the Import-VM InitialReplicationcmdlet.
D. Run the Import-VM cmdlet.
Answer: D
Explanation:
The Import-VM cmdlet imports a virtual machine from a file.
QUESTION 57
Hotspot Question
Your network contains an Active Directory domain named contoso.com.
The domain contains a domain controller named DC1 and a member server named Server1.
All servers run Windows Server 2012 R2.
You install the IP Address Management (IPAM) Server feature on Server1.
From the Provision IPAM wizard, you select the Group Policy Based provisioning method and enter a GPO name prefix of IPAM1.
You need to provision IPAM by using Group Policy.
What command should you run on Server1 to complete the process? To answer, select the appropriate options in the answer area.
Answer:
QUESTION 58
Hotspot Question
Your network contains an Active Directory domain named fabrikam.com.
You implement DirectAccess.
You need to view the properties of the DirectAccess connection.
Which connection properties should you view?
To answer, select the appropriate connection properties in the answer area.
Answer:
QUESTION 59
Your network contains an Active Directory domain named contoso.com. The domain contains servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 has the Active Directory Federation Services server role installed.Server2 is a file server.
Your company introduces a Bring Your Own Device (BYOD) policy.
You need to ensure that users can use a personal device to access domain resources by using Single Sign-On (SSO) while they are connected to the internal network.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A. Enable the Device Registration Service in Active Directory.
B. Publish the Device Registration Service by using a Web Application Proxy.
C. Configure Active Directory Federation Services (AD FS) for the Device Registration Service.
D. Install the Work Folders role service on Server2.
E. Create and configure a sync share on Server2.
Answer: AC
Explanation:
*Prepare your Active Directory forest to support devices
This is a one-time operation that you must run to prepare your Active Directory forest to support devices.
To prepare the Active Directory forest
On your federation server, open a Windows PowerShell command window and type:
Initialize-ADDeviceRegistration
*Enable Device Registration Service on a federation server farm node To enable Device Registration Service
1.On your federation server, open a Windows PowerShell command window and type:
Enable-AdfsDeviceRegistration
2.Repeat this step on each federation farm node in your AD FS farm.
QUESTION 60
Hotspot Question
Your network contains an Active Directory domain named contoso.com.
You install the IP Address Management (IPAM) Server feature on a server named Server1 and select Manual as the provisioning method.
The IPAM database is located on a server named SQL1.
You need to configure IPAM to use Group Policy Based provisioning.
What command should you run first? To answer, select the appropriate options in the answer area.
Answer:
Braindump2go is one of the Leading 70-417 Exam Preparation Material Providers Around the World! We Offer 100% Money Back Guarantee on All Products! Feel Free In Downloading Our New Released 70-417 Real Exam Questions!