Category Archives: Microsoft MCSA

Microsoft MCP, Microsoft MCSA, Microsoft MCSE 2012

Exam 70-417 Upgrading Your Skills to MCSA Windows Server 2012

Leave a comment

Published: September 21, 2012
Languages: English, German, Japanese
Audiences: IT professionals
Technology: Windows Server 2012 R2
Credit toward certification: MCP, MCSA, MCSE

Skills measured
This exam measures your ability to accomplish the technical tasks listed below. The percentages indicate the relative weight of each major topic area on the exam. The higher the percentage, the more questions you are likely to see on that content area on the exam. View video tutorials about the variety of question types on Microsoft exams.

Please note that the questions may test on, but will not be limited to, the topics described in the bulleted text.

Do you have feedback about the relevance of the skills measured on this exam? Please send Microsoft your comments. All feedback will be reviewed and incorporated as appropriate while still maintaining the validity and reliability of the certification process. Note that Microsoft will not respond directly to your feedback. We appreciate your input in ensuring the quality of the Microsoft Certification program.

If you have concerns about specific questions on this exam, please submit an exam challenge.

If you have other questions or feedback about Microsoft Certification exams or about the certification program, registration, or promotions, please contact your Regional Service Center.

This exam has been updated to cover the recent technology updates in Windows Server 2012 R2 and System Center 2012 R2. For more details, you may review the documents on the exam detail pages for exams 70-410, 70-411, and 70-412.

Install and configure servers (20 – 25%)
Install servers
Plan for a server installation, plan for server roles, plan for a server upgrade, install Server Core, optimize resource utilization by using Features on Demand, migrate roles from previous versions of Windows Server
Configure servers
Configure Server Core, delegate administration, add and remove features in offline images, deploy roles on remote servers, convert Server Core to/from full GUI, configure services, configure NIC teaming, install and configure Windows PowerShell Desired State Configuration (DSC)
Configure local storage
Design storage spaces, configure basic and dynamic disks, configure Master Boot Record (MBR) and GUID Partition Table (GPT) disks, manage volumes, create and mount virtual hard disks (VHDs), configure storage pools and disk pools, create storage pools by using disk enclosures

Preparation resources
Installing Windows Server 2012
Configure Server Core
Windows Server 2012 “Early Experts” challenge – Exam 70-410 – storage spaces

Configure server roles and features (20 – 25%)
Configure servers for remote management
Configure WinRM, configure down-level server management, configure servers for day-to-day management tasks, configure multi-server management, configure Server Core, configure Windows Firewall, manage non-domain joined servers

Preparation resources
NTFS shared folders in Windows Server 2012
Simplified printing with Windows 8 and Windows Server 2012
Using the Windows Server 2012 Server Manager for remote and multi-server management

Configure Hyper-V (20 – 25%)
Create and configure virtual machine (VM) settings
Configure dynamic memory, configure smart paging, configure Resource Metering, configure guest integration services, create and configure Generation 1 and 2 VMs, configure and use enhanced session mode, configure RemoteFX
Create and configure virtual machine storage
Create VHDs and VHDX, configure differencing drives, modify VHDs, configure pass-through disks, manage checkpoints, implement a virtual Fibre Channel adapter, configure storage Quality of Service
Create and configure virtual networks
Configure Hyper-V virtual switches, optimize network performance, configure MAC addresses, configure network isolation, configure synthetic and legacy virtual network adapters, configure NIC teaming in VMs

Preparation resources
Hyper-V Dynamic Memory overview
Configuring pass-through disks in Hyper-V
Hyper-V network virtualization overview

Install and administer Active Directory (25 – 30%)
Install domain controllers
Add or remove a domain controller from a domain, upgrade a domain controller, install Active Directory Domain Services (AD DS) on a Server Core installation, install a domain controller from install from media (IFM), resolve Domain Name System (DNS) SRV record registration issues, configure a global catalog server, deploy Active Directory infrastructure as a service (IaaS) in Microsoft Azure

Preparation resources
What’s new in Active Directory Domain Services installation
Overview of Active Directory simplified administration
Using the updated Active Directory Administration Center

QUESTION 1
You have a server named DNS1 that runs Windows Server 2012 R2.
You discover that the DNS resolution is slow when users try to access the company intranet home page by using the URL https:://companyhome.
You need to provide single-label name resolution for CompanyHome that is not dependent on the suffix search order.
Which three cmdlets should you run? (Each correct
Answer presents part of the solution. Choose three.)

A. Add-DnsServerPrimaryZone
B. Add-DnsServerResourceRecordCName
C. Set-DnsServerDsSetting
D. Set-DnsServerGlobalNameZone
E. Set-DnsServerEDns
F. Add-DnsServerDirectory Partition

Answer: A,B,D

QUESTION 2
Your network contains an Active Directory forest named contoso.com.
Users frequently access the website of an external partner company.
The URL of the website is https:://partners.adatum.com.
The partner company informs you that it will perform maintenance on its Web server and that the IP addresses of the Web server will change.
After the change is complete, the users on your internal network report that they fail to access the website.
However, some users who work from home report that they can access the website.
You need to ensure that your DNS servers can resolve partners.adatum.com to the correct IP address immediately.
What should you do?

A. Run dnscmd and specify the CacheLockingPercent parameter
B. Run Set-DnsServerGlobalQueryBlockList
C. Run ipconfig and specify the Renew parameter
D. Run Set-DnsServerCache

Answer: D

QUESTION 3
Your network contains an Active Directory forest named adatum.com. The forest contains an Active Directory Rights Management Services (AD RMS) cluster.
A partner company has an Active Directory forest named litwareinc.com. The partner company does not have AD RMS deployed.
You need to ensure that users in litwareinc.com can consume rights-protected content from adatum.com.
Which type of trust policy should you create?

A. At federated trust
B. A trusted user domain
C. A trusted publishing domain
D. Windows Live ID

Answer: A
Explanation:
A. In AD RMS rights can be assigned to users who have a federated trust with Active Directory Federation Services (AD FS). This enables an organization to share access to rights-protected content with another organization without having to establish a separate Active Directory trust or Active Directory Rights Management Services (AD RMS) infrastructure.
http://technet.microsoft.com/en-us/library/dd772651(v=WS.10).aspx https:://technet.microsoft.com/en-us/library/cc738707(v=WS.10).aspx
https:://technet.microsoft.com/en-us/library/cc757344(v=ws.10).aspx

QUESTION 4
You are a network administrator of an Active Directory domain named contoso.com.
You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the DHCP Server server role and the Network Policy Server role service installed.
You enable Network Access Protection (NAP) on all of the DHCP scopes on Server1.
You need to create a DHCP policy that will apply to all of the NAP non-compliant DHCP clients.
Which criteria should you specify when you create the DHCP policy?

A. The user class
B. The vendor class
C. The client identifier
D. The relay agent information

Answer: A

QUESTION 5
Your network contains an Active Directory domain named contoso.com. The domain contains servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 has the Active Directory Federation Services server role installed.Server2 is a file server.
Your company introduces a Bring Your Own Device (BYOD) policy.
You need to ensure that users can use a personal device to access domain resources by using Single Sign-On (SSO) while they are connected to the internal network.
Which two actions should you perform? (Each correct
Answer presents part of the solution. Choose two.)

A. Enable the Device Registration Service in Active Directory.
B. Publish the Device Registration Service by using a Web Application Proxy.
C. Configure Active Directory Federation Services (AD FS) for the Device Registration Service.
D. Install the Work Folders role service on Server2.
E. Create and configure a sync share on Server2.

Answer: A,C
Explanation: *Prepare your Active Directory forest to support devices
This is a one-time operation that you must run to prepare your Active Directory forest to support devices.
To prepare the Active Directory forest
On your federation server, open a Windows PowerShell command window and type: Initialize-ADDeviceRegistration
*Enable Device Registration Service on a federation server farm node To enable Device Registration Service
1.On your federation server, open a Windows PowerShell command window and type: Enable-AdfsDeviceRegistration
2.Repeat this step on each federation farm node in your AD FS farm.

Click here to view complete Q&A of 70-417 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft 70-398 Training at certkingdom.com

MCSE, Microsoft MCP, Microsoft MCSA

Exam 70-412 Configuring Advanced Windows Server 2012 Services

Leave a comment

Published: September 17, 2012
Languages: English, Chinese (Simplified), French, German, Japanese, Portuguese (Brazil)
Audiences: IT professionals
Technology: Windows Server 2012 R2
Credit toward certification: MCP, MCSA, MCSE

Skills measured
This exam measures your ability to accomplish the technical tasks listed below. The percentages indicate the relative weight of each major topic area on the exam. The higher the percentage, the more questions you are likely to see on that content area on the exam. View video tutorials about the variety of question types on Microsoft exams.

Please note that the questions may test on, but will not be limited to, the topics described in the bulleted text.

Do you have feedback about the relevance of the skills measured on this exam? Please send Microsoft your comments. All feedback will be reviewed and incorporated as appropriate while still maintaining the validity and reliability of the certification process. Note that Microsoft will not respond directly to your feedback. We appreciate your input in ensuring the quality of the Microsoft Certification program.

If you have concerns about specific questions on this exam, please submit an exam challenge.

If you have other questions or feedback about Microsoft Certification exams or about the certification program, registration, or promotions, please contact your Regional Service Center.

As of January 2014, this exam includes content covering Windows Server 2012 R2.

Configure and manage high availability (15–20%)
Configure Network Load Balancing (NLB)
Install NLB nodes, configure NLB prerequisites, configure affinity, configure port rules, configure cluster operation mode, upgrade an NLB cluster
Configure failover clustering
Configure quorum, configure cluster networking, restore single node or cluster configuration, configure cluster storage, implement Cluster-Aware Updating, upgrade a cluster, configure and optimize clustered shared volumes, configure clusters without network names, configure storage spaces
Manage failover clustering roles
Configure role-specific settings, including continuously available shares; configure virtual machine (VM) monitoring; configure failover and preference settings; configure guest clustering
Manage VM movement
Perform live migration; perform quick migration; perform storage migration; import, export, and copy VMs; configure VM network health protection; configure drain on shutdown

Preparation resources
Managing Network Load Balancing clusters
Setting Network Load Balancing parameters
Failover cluster deployment guide

Configure file and storage solutions (15–20%)
Configure advanced file services
Configure Network File System (NFS) data store, configure BranchCache, configure File Classification Infrastructure (FCI) using File Server Resource Manager (FSRM), configure file access auditing
Implement Dynamic Access Control (DAC)
Configure user and device claim types, implement policy changes and staging, perform access-denied remediation, configure file classification, create and configure Central Access rules and policies, create and configure resource properties and lists
Configure and optimize storage
Configure iSCSI target and initiator, configure Internet Storage Name server (iSNS), implement thin provisioning and trim, manage server free space using Features on Demand, configure tiered storage

Preparation resources
Network File System
File Server Resource Manager
Dynamic Access Control: Scenario overview

Implement business continuity and disaster recovery (15–20%)
Configure and manage backups
Configure Windows Server backups, configure Microsoft Azure backups, configure role-specific backups, manage VSS settings using VSSAdmin
Recover servers
Restore from backups, perform a Bare Metal Restore (BMR), recover servers using Windows Recovery Environment (Win RE) and safe mode, configure the Boot Configuration Data (BCD) store
Configure site-level fault tolerance
Configure Hyper-V Replica, including Hyper-V Replica Broker and VMs; configure multi-site clustering, including network settings, Quorum, and failover settings; configure Hyper-V Replica extended replication; configure Global Update Manager; recover a multi-site failover cluster

Preparation resources
Windows Server backup overview
Windows Recovery Environment (RE) explained
How to configure bare-metal restore/recovery media

Configure Network Services (15–20%)
Implement an advanced Dynamic Host Configuration Protocol (DHCP) solution
Create and configure superscopes and multicast scopes; implement DHCPv6; configure high availability for DHCP, including DHCP failover and split scopes; configure DHCP Name Protection; configure DNS registration
Implement an advanced DNS solution
Configure security for DNS, including Domain Name System Security Extensions (DNSSEC), DNS Socket Pool, and cache locking; configure DNS logging; configure delegated administration; configure recursion; configure netmask ordering; configure a GlobalNames zone; analyze zone level statistics
Deploy and manage IP Address Management (IPAM)
Provision IPAM manually or by using Group Policy, configure server discovery, create and manage IP blocks and ranges, monitor utilization of IP address space, migrate to IPAM, delegate IPAM administration, manage IPAM collections, configure IPAM database storage

Preparation resources
Dynamic Host Configuration Protocol (DHCP) overview
Step-by-step: Demonstrate DNSSEC in a test lab
Holistic administration of IP address space using Windows Server 2012 IP Address Management

Configure the Active Directory infrastructure (15–20%)
Configure a forest or a domain
Implement multi-domain and multi-forest Active Directory environments, including interoperability with previous versions of Active Directory; upgrade existing domains and forests, including environment preparation and functional levels; configure multiple user principal name (UPN) suffixes
Configure trusts
Configure external, forest, shortcut, and realm trusts; configure trust authentication; configure SID filtering; configure name suffix routing
Configure sites
Configure sites and subnets, create and configure site links, manage site coverage, manage registration of SRV records, move domain controllers between sites
Manage Active Directory and SYSVOL replication
Configure replication to Read-Only Domain Controllers (RODCs), configure Password Replication Policy (PRP) for RODC, monitor and manage replication, upgrade SYSVOL replication to Distributed File System Replication (DFSR)

Preparation resources
Deploy Active Directory Domain Services (AD DS) in your enterprise
Active Directory domains and trusts
Introduction to Active Directory replication and topology management using Windows PowerShell (Level 100)

Configure Identity and Access Solutions (15–20%)
Implement Active Directory Federation Services (AD FS)
Install AD FS; implement claims-based authentication, including Relying Party Trusts; configure authentication policies; configure Workplace Join; configure multi-factor authentication
Install and configure Active Directory Certificate Services (AD CS)
Install an Enterprise Certificate Authority (CA), configure certificate revocation lists (CRL) distribution points, install and configure Online Responder, implement administrative role separation, configure CA backup and recovery
Manage certificates
Manage certificate templates; implement and manage certificate deployment, validation, and revocation; manage certificate renewal; manage certificate enrollment and renewal to computers and users using Group Policies; configure and manage key archival and recovery
Install and configure Active Directory Rights Management Services (AD RMS)
Install a licensing or certificate AD RMS server, manage AD RMS Service Connection Point (SCP), manage RMS templates, configure Exclusion Policies, back up and restore AD RMS

Preparation resources
AD FS deployment guide
Active Directory Certificate Services overview
Deploy a private CA with Windows Server 2012

QUESTION 1
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2.
Server1 and Server2 have the Failover Clustering feature installed. The servers are configured as nodes in a failover cluster named Cluster1. Cluster1 contains a cluster disk resource.
A developer creates an application named App1. App1 is NOT a cluster-aware application. App1 runs as a service. App1 stores date on the cluster disk resource.
You need to ensure that App1 runs in Cluster1. The solution must minimize development effort.
Which cmdlet should you run?

A. Add-ClusterGenericServiceRole
B. Add-ClusterGenericApplicationRole
C. Add-ClusterScaleOutFileServerRole
D. Add-ClusterServerRole

Answer: B
Explanation:
Add-ClusterGenericApplicationRole
Configure high availability for an application that was not originally designed to run in a failover cluster.
If you run an application as a Generic Application, the cluster software will start the application, then periodically query the operating system to see whether the application appears to be running. If so, it is presumed to be online, and will not be restarted or failed over.
EXAMPLE 1.
Command Prompt: C:\PS>
Add-ClusterGenericApplicationRole -CommandLine NewApplication.exe
Name OwnerNode State
—- ——— —–
cluster1GenApp node2 Online Description
———–
This command configures NewApplication.exe as a generic clustered application. A default name will be used for client access and this application requires no storage.
Reference: Add-ClusterGenericApplicationRole
http://technet.microsoft.com/en-us/library/ee460976.aspx

QUESTION 2
Your network contains an Active Directory domain named contoso.com. The domain contains a file server named Server1 that runs Windows Server 2012 R2. All client computers run Windows 8.
You need to configure a custom Access Denied message that will be displayed to users when they are denied access to folders or files on Server1.
What should you configure?

A. A classification property
B. The File Server Resource Manager Options
C. A file management task
D. A file screen template

Answer: B
Explanation:
Access-denied assistance can be configured by using the File Server Resource Manager console on the file server.
Note: Access-denied assistance is a new feature in Windows Server 2012, which provides the following ways to troubleshoot issues that are related to access to files and folders:
* Self-assistance. If a user can determine the issue and remediate the problem so that they can get the requested access, the impact to the business is low, and no special exceptions are needed in the central access policy. Access-denied assistance provides an access-denied message that file server administrators can customize with information specific to their organizations. For example, an administrator could set the message so that users can request access from a data owner without involving the file server administrator.
Reference: Scenario: Access-Denied Assistance

QUESTION 2
Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server1 that has the Active Directory Federation Services server role installed. All servers run Windows Server 2012.
You complete the Active Directory Federation Services Configuration Wizard on Server1.
You need to ensure that client devices on the internal network can use Workplace Join.
Which two actions should you perform on Server1? (Each correct Answer presents part of the solution. Choose two.)

A. Run Enable-AdfsDeviceRegistration -PrepareActiveDirectory.
B. Edit the multi-factor authentication global authentication policy settings.
C. Run Enable-AdfsDeviceRegistration.
D. Run Set-AdfsProxyProperties HttpPort 80.
E. Edit the primary authentication global authentication policy settings.

Answer: C,E
Explanation:
C. To enable Device Registration Service
On your federation server, open a Windows PowerShell command window and type: Enable-AdfsDeviceRegistration
Repeat this step on each federation farm node in your AD FS farm.
E. Enable seamless second factor authentication
Seamless second factor authentication is an enhancement in AD FS that provides an added level of access protection to corporate resources and applications from external devices that are trying to access them. When a personal device is Workplace Joined, it becomes a ‘known’ device and administrators can use this information to drive conditional access and gate access to resources.
To enable seamless second factor authentication, persistent single sign-on (SSO) and conditional access for Workplace Joined devices.
In the AD FS Management console, navigate to Authentication Policies. Select Edit Global Primary Authentication. Select the check box next to Enable Device Authentication, and then click OK.
Reference: Configure a federation server with Device Registration Service.

QUESTION 3
You create a new virtual disk in a storage pool by using the New Virtual Disk Wizard. You discover that the new virtual disk has a write-back cache of 1 GB.
You need to ensure that the virtual disk has a write-back cache of 5 GB.
What should you do?

A. Detach the virtual disk, and then run the Resize-VirtualDisk cmdlet.
B. Detach the virtual disk, and then run the Set-VirtualDisk cmdlet.
C. Delete the virtual disk, and then run the New-StorageSubSystemVirtualDisk cmdlet.
D. Delete the virtual disk, and then run the New-VirtualDisk cmdlet.

Answer: D
Explanation:
So what about changing the cache size? Well, you can’t modify the cache size, but you can specify it at the time that you create a new virtual hard disk. In order to do so, you have to use Windows PowerShell.
New-VirtualDisk –StoragePoolFriendlyName “<storage pool name>” –FriendlyName “<v
Reference: Using Windows Server 2012’s SSD Write-Back Cache

QUESTION 4
Your company has offices in Montreal, New York, and Amsterdam.
The network contains an Active Directory forest named contoso.com. An Active Directory site exists for each office. All of the sites connect to each other by using the DEFAULTIPSITELINK site link.
You need to ensure that only between 20:00 and 08:00, the domain controllers in the Montreal office replicate the Active Directory changes to the domain controllers in the Amsterdam office.
The solution must ensure that the domain controllers in the Montreal and the New York offices can replicate the Active Directory changes any time of day.
What should you do?

A. Create a new site link that contains Montreal and Amsterdam. Remove Amsterdam from DEFAULTIPSITE1INK. Modify the schedule of DEFAULTIPSITELINK.
B. Create a new site link that contains Montreal and Amsterdam. Create a new site link bridge. Modify the schedule of DEFAULTIPSITELINK.
C. Create a new site link that contains Montreal and Amsterdam. Remove Amsterdam from DEFAULTIPSITELINK. Modify the schedule of the new site link.
D. Create a new site link that contains Montreal and Amsterdam. Create a new site link bridge. Modify the schedule of the new site link.

Answer: C
Explanation:
We create a new site link between Montreal and Amsterdam and schedule it only between 20:00 and 08:00. To ensure that traffic between Montreal and Amsterdam only occurs at this time we also remove Amsterdam from the DEFAULTIPSITELINK.
Reference: How Active Directory Replication Topology Works
http://technet.microsoft.com/en-us/library/cc755994(v=ws.10).aspx

QUESTION 5
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and has the DHCP Server server role installed.
You need to create an IPv6 scope on Server1. The scope must use an address space that is reserved for private networks. The addresses must be routable.
Which IPV6 scope prefix should you use?

A. 2001:123:4567:890A::
B. FE80:123:4567::
C. FF00:123:4567:890A::
D. FD00:123:4567::

Answer: D
Explanation:
Explanation/Reference:
* A unique local address (ULA) is an IPv6 address in the block fc00::/7, defined in RFC 4193. It is the approximate IPv6 counterpart of the IPv4 private address.
The address block fc00::/7 is divided into two /8 groups: / The block fc00::/8 has not been defined yet.
/ The block fd00::/8 is defined for /48 prefixes, formed by setting the 40 least-significant bits of the prefix to a randomly generated bit string.
* Prefixes in the fd00::/8 range have similar properties as those of the IPv4 private address ranges:
/ They are not allocated by an address registry and may be used in networks by anyone without outside involvement.
/ They are not guaranteed to be globally unique.
/ Reverse Domain Name System (DNS) entries (under ip6.arpa) for fd00::/8 ULAs cannot be delegated in the global DNS.
Reference: RFC 4193

QUESTION 6
Your network contains an Active Directory forest named contoso.com.
Users frequently access the website of an external partner company. The URL of the website is https:://partners.adatum.com.
The partner company informs you that it will perform maintenance on its Web server and that the IP addresses of the Web server will change.
After the change is complete, the users on your internal network report that they fail to access the website. However, some users who work from home report that they can access the website.
You need to ensure that your DNS servers can resolve partners.adatum.com to the correct IP address immediately.
What should you do?

A. Run dnscmd and specify the CacheLockingPercent parameter.
B. Run Set-DnsServerGlobalQueryBlockList.
C. Run ipconfig and specify the Renew parameter.
D. Run Set-DnsServerCache.

Answer: D
Explanation:
The Set-DnsServerCache cmdlet modifies cache settings for a Domain Name System (DNS) server.
Run Set-DnsServerCache with the -LockingPercent switch.
/ -LockingPercent<UInt32>
Specifies a percentage of the original Time to Live (TTL) value that caching can consume. Cache locking is configured as a percent value. For example, if the cache locking value is set to 50, the DNS server does not overwrite a cached entry for half of the duration of the TTL. By default, the cache locking percent value is 100. This value means that the DNS server will not overwrite cached entries for the entire duration of the TTL.
Note. A better way would be clear the DNS cache on the DNS server with either Dnscmd /ClearCache (from command prompt), or Clear-DnsServerCache (from Windows PowerShell).
Reference: Set-DnsServerCache
http://technet.microsoft.com/en-us/library/jj649852.aspx
Incorrect:
Not A. You need to use the /config parameter as well:
You can change this value if you like by using the dnscmd command:
dnscmd /Config /CacheLockingPercent<percent>

Click here to view complete Q&A of 70-412 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft 70-412 Training at certkingdom.com

Microsoft MCP, Microsoft MCSA

Exam 70-410 Installing and Configuring Windows Server 2012

Leave a comment

Published: September 17, 2012
Languages: English, Chinese (Simplified), French, German, Japanese, Portuguese (Brazil)
Audiences: IT professionals
Technology: Windows Server 2012
Credit toward certification: MCP, MCSA, MCS

Skills measured
This exam measures your ability to accomplish the technical tasks listed below. The percentages indicate the relative weight of each major topic area on the exam. The higher the percentage, the more questions you are likely to see on that content area on the exam. View video tutorials about the variety of question types on Microsoft exams.

Please note that the questions may test on, but will not be limited to, the topics described in the bulleted text.

Do you have feedback about the relevance of the skills measured on this exam? Please send Microsoft your comments. All feedback will be reviewed and incorporated as appropriate while still maintaining the validity and reliability of the certification process. Note that Microsoft will not respond directly to your feedback. We appreciate your input in ensuring the quality of the Microsoft Certification program.

If you have concerns about specific questions on this exam, please submit an exam challenge.

If you have other questions or feedback about Microsoft Certification exams or about the certification program, registration, or promotions, please contact your Regional Service Center.

As of January 2014, this exam includes content covering Windows Server 2012 R2.

Install and configure servers (15–20%)
Install servers
Plan for a server installation, plan for server roles, plan for a server upgrade, install Server Core, optimize resource utilization by using Features on Demand, migrate roles from previous versions of Windows Server
Configure servers
Configure Server Core, delegate administration, add and remove features in offline images, deploy roles on remote servers, convert Server Core to/from full GUI, configure services, configure NIC teaming, install and configure Windows PowerShell Desired State Configuration (DSC)
Configure local storage
Design storage spaces, configure basic and dynamic disks, configure master boot record (MBR) and GUID partition table (GPT) disks, manage volumes, create and mount virtual hard disks (VHDs), configure storage pools and disk pools, create storage pools by using disk enclosures

Preparation resources
Plan for server roles
Configure Server Core
Windows Server 2012 “early experts” challenge – Exam 70-410 – storage spaces

Configure server roles and features (15–20%)
Configure file and share access
Create and configure shares, configure share permissions, configure offline files, configure NTFS permissions, configure access-based enumeration (ABE), configure Volume Shadow Copy Service (VSS), configure NTFS quotas, create and configure Work Folders
Configure print and document services
Configure the Easy Print print driver, configure Enterprise Print Management, configure drivers, configure printer pooling, configure print priorities, configure printer permissions
Configure servers for remote management
Configure WinRM, configure down-level server management, configure servers for day-to-day management tasks, configure multi-server management, configure Server Core, configure Windows Firewall, manage non-domain joined servers

Preparation resources
Improve file server resiliency with ReFS in Windows Server 2012
Simplified printing with Windows 8 and Windows Server 2012
Using the Windows Server 2012 Server Manager for remote and multi-server management

Configure Hyper-V (15–20%)
Create and configure virtual machine settings
Configure dynamic memory, configure smart paging, configure Resource Metering, configure guest integration services, create and configure Generation 1 and 2 virtual machines, configure and use enhanced session mode, configure RemoteFX
Create and configure virtual machine storage
Create VHDs and VHDX, configure differencing drives, modify VHDs, configure pass-through disks, manage checkpoints, implement a virtual Fibre Channel adapter, configure storage Quality of Service
Create and configure virtual networks
Configure Hyper-V virtual switches, optimize network performance, configure MAC addresses; configure network isolation, configure synthetic and legacy virtual network adapters, configure NIC teaming in virtual machines

Preparation resources
Hyper-V dynamic memory overview
Configuring virtual disks and storage
Hyper-V network virtualization overview

Deploy and configure core network services (15–20%)
Configure IPv4 and IPv6 addressing
Configure IP address options, configure IPv4 or IPv6 subnetting, configure supernetting, configure interoperability between IPv4 and IPv6, configure Intra-site Automatic Tunnel Addressing Protocol (ISATAP), configure Teredo
Deploy and configure Dynamic Host Configuration Protocol (DHCP) service
Create and configure scopes, configure a DHCP reservation, configure DHCP options, configure client and server for PXE boot, configure DHCP relay agent, authorize DHCP server
Deploy and configure DNS service
Configure Active Directory integration of primary zones, configure forwarders, configure Root Hints, manage DNS cache, create A and PTR resource records

Preparation resources
IPv6 bootcamp: Get up to speed quickly
What is DHCP?

Install and administer Active Directory (15–20%)
Install domain controllers
Add or remove a domain controller from a domain, upgrade a domain controller, install Active Directory Domain Services (AD DS) on a Server Core installation, install a domain controller from Install from Media (IFM), resolve DNS SRV record registration issues, configure a global catalog server, deploy Active Directory infrastructure as a service (IaaS) in Microsoft Azure
Create and manage Active Directory users and computers
Automate the creation of Active Directory accounts; create, copy, configure, and delete users and computers; configure templates; perform bulk Active Directory operations; configure user rights; offline domain join; manage inactive and disabled accounts
Create and manage Active Directory groups and organizational units (OUs)
Configure group nesting; convert groups, including security, distribution, universal, domain local, and domain global; manage group membership using Group Policy; enumerate group membership; delegate the creation and management of Active Directory objects; manage default Active Directory containers; create, copy, configure, and delete groups and OUs

Preparation resources
What’s new in Active Directory Domain Services (ADDS) installation
Virtualization-safe technology and domain controller cloning
Overview of Active Directory simplified administration

Create and manage Group Policy (15–20%)
Create Group Policy objects (GPOs)
Configure a Central Store, manage starter GPOs, configure GPO links, configure multiple local Group Policies
Configure security policies
Configure User Rights Assignment, configure Security Options settings. configure Security templates, configure Audit Policy, configure Local Users and Groups, configure User Account Control (UAC)
Configure application restriction policies
Configure rule enforcement, configure AppLocker rules, configure Software Restriction Policies
Configure Windows Firewall
Configure rules for multiple profiles using Group Policy; configure connection security rules; configure Windows Firewall to allow or deny applications, scopes, ports, and users; configure authenticated firewall exceptions; import and export settings

Preparation resources
What’s new in Group Policy in Windows Server 2012
Group Policy analysis and troubleshooting
Group Policy setting reference for Windows 8 and Windows Server 2012

QUESTION 1
Your company has a main office and two branch offices. The offices connect to each other by using a WAN link.
In the main office, you have a server named Server1 that runs Windows Server 2012 R2.
Server1 is configured to use an IPv4 address only.
You need to assign an IPv6 address to Server1. The IP address must be private and routable.
Which IPv6 address should you assign to Server1?
A. fe80:ab32:145c::32cc:401b
B. ff00:3fff:65df:145c:dca8::82a4
C. 2001:ab32:145c::32cc:401b
D. fd00:ab32:14:ad88:ac:58:abc2:4

Answer: D

Explanation:
Unique local addresses are IPv6 addresses that are private to an organization in the same way that private addresses–such as 10.x.x.x, 192.168.x.x, or 172.16.0.0 172.31.255.255–can be used on an IPv4 network.
Unique local addresses, therefore, are not routable on the IPv6 Internet in the same way that an address like 10.20.100.55 is not routable on the IPv4 Internet. A unique local address is always structured as follows:
The first 8 bits are always 11111101 in binary format. This means that a unique local address always begins with FD and has a prefix identifier of FD00::/8.

QUESTION 2
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. Server1 runs Windows Server 2012 R2 and has the
Hyper-V server role installed.
On Server1, you create and start a virtual machine named VM1. VM1 is configured as shown in the following table.


You need to recommend a solution to minimize the amount of disk space used for the checkpoint of VM1.
What should you do before you create the checkpoint?
A. Run the Resize-VHD cmdlet.
B. Convert Disk1.vhd to a dynamically expanding disk.
C. Shut down VM1.
D. Run the Convert-VHD cmdlet.

Answer: C

Explanation:
Changing between a fixed and dynamic disk type does not alter the size of a SNAPSHOT much at all.
However, since a snapshot is a record of a VMs state at the exact time that the snapshot was taken, shutting down the VM before taking the snapshot prevents the snapshot from having to contain all of the data in RAM (as there is no data in memory when a machine is powered down).
The question states that the solution should minimize the amount of disk space used for the checkpoint of VM1. If the checkpoint is taken while VM1 is running, there will be two attritional files present at the checkpoint location; a .VSV with VM1 saved state files and a
.BIN file which contains VM1’s memory contents. If, however, VM1 is shut down first, these files will not be created, thus saving disk space.
In order to convert Disk1.vhd to a dynamically expanding disk, VM1 still have to be shut down.

QUESTION 3
Your network contains an Active Directory forest named contoso.com.
The forest contains two domains named contoso.com and child.contoso.com and two sites named Site1 and Site2. The domains and the sites are configured as shown in following table.


When the link between Site1 and Site2 fails, users fail to log on to Site2.
You need to identify what prevents the users in Site2 from logging on to the child.contoso.com domain.
What should you identify?
A. The placement of the global catalog server
B. The placement of the infrastructure master
C. The placement of the domain naming master
D. The placement of the PDC emulator

Answer: D

Explanation:
The exhibit shows that Site2 does not have a PDC emulator. This is important because of the close interaction between the RID operations master role and the PDC emulator role.
The PDC emulator processes password changes from earlier-version clients and other domain controllers on a best-effort basis; handles password authentication requests involving passwords that have recently changed and not yet been replicated throughout the domain; and, by default, synchronizes time. If this domain controller cannot connect to the PDC emulator, this domain controller cannot process authentication requests, it may not be able to synchronize time, and password updates cannot be replicated to it.
The PDC emulator master processes password changes from client computers and replicates these updates to all domain controllers throughout the domain. At any time, there can be only one domain controller acting as the PDC emulator master in each domain in the forest.

QUESTION 4 HOTSPOT
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2.
All servers are configured to enforce AppLocker policies.
You install a server named Server1.
On Server1, you install an application named App1.exe in a folder located on C:\App1.
You have two domain groups named Group1 and Group2.A user named User1 is a member of Group1 and Group2.
You create a Group Policy object (GPO) named GPO1. You link GPO1 to contoso.com.
You create the executable rules as shown in the exhibit by using the Create Executable Rules wizard. (Click the Exhibit button.)


To answer, complete each statement according to the information presented in the exhibit. Each correct selection is worth one point.

Answer:

QUESTION 5
Your network contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the Hyper-V server role installed.
Server1 hosts four virtual machines named VM1, VM2, VM3, and VM4.
Server1 is configured as shown in the following table.


You need to ensure that VM1 can use more CPU time than the other virtual machines when the CPUs on Server1 are under a heavy load.
What should you configure?
A. NUMA topology
B. Resource control
C. resource metering
D. virtual Machine Chimney
E. The VLAN ID
F. Processor Compatibility
G. The startup order
H. Automatic Start Action
I. Integration Services
J. Port mirroring
K. Single-root I/O virtualization

Answer: B

Explanation:
B. Resource controls provide you with several ways to control the way that Hyper-V allocates resources to virtual machine. Resource control in used in the event where you need to adjust the computing resources of a virtual machine, you can reconfigure the resources to meet the changing needs. You can also specify resource controls to automate how resources are allocated to virtual machines.
References: https:://technet.microsoft.com/en-us/library/cc766320(v=ws.10).aspx https:://technet.microsoft.com/en-us/library/hh831410.aspx https:://technet.microsoft.com/en-us/library/cc742470.aspx
Exam Ref 70-410, Installing and Configuring Windows Server 2012 R2, Chapter 3: Configure Hyper-V, Objective 3.1: Create and Configure virtual machine settings, p.144 Training Guide: Installing and Configuring Windows Server 2012 R2: Chapter 7: Hyper-V Virtualization, Lesson 2: Deploying and configuring virtual machines, p.335

QUESTION 6
Your network contains an Active Directory domain named contoso.com. The domain contains a DHCP server named Server1 that runs Windows Server 2012 R2.
You create a DHCP scope named Scope1. The scope has a start address of 192.168.1.10, an end address of 192.168.1.50, and a subnet mask of 255.255.255.192.
You need to ensure that Scope1 has a subnet mask of 255.255.255.0.
What should you do first?
A. From the DHCP console, reconcile Scope1.
B. From the DHCP console, delete Scope1.
C. From the DHCP console, modify the Scope Options of Scope1.
D. From Windows PowerShell, run the Set-DhcpServerv4Scope cmdlet.

Answer: B

Explanation:
You cannot change the subnet mask of a DHCP scope without deleting the scope and recreating it with the new subnet mask.
Set-DhcpServerv4Scope does not include a parameter for the subnet mask.

QUESTION 7
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 has the Group Policy Management feature installed. Server2 has the Print and Document Services server role installed.
On Server2, you open Print Management and you deploy a printer named Printer1 by using a Group Policy object (GPO) named GPO1.When you open GPO1 on Server1, you discover that the Deployed Printers node does not appear.
You need to view the Deployed Printers node in GPO1.
What should you do?
A. On Server1, modify the Group Policy filtering options of GPO1.
B. On a domain controller, create a Group Policy central store.
C. On Server2, install the Group Policy Management feature.
D. On Server1, configure the security filtering of GPO1.

Answer: C

Explanation:
Pre-Requisites
To use Group Policy for printer deployment you will need to have a Windows Active Directory domain, and this article assumes that your Domain Controller is a Windows 2008 R2 Server. You will also need the Print Services role installed on a server (can be on your DC), and you will be using the Print Management and Group Policy Management consoles to configure the various settings. It’s assumed that you have already followed Part One and have one or more printers shared on your server with the necessary drivers, ready to deploy to your client computers.

 

 

Click here to view complete Q&A of 70-410 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft 70-410 Training at certkingdom.com

comptia a+ certification, MCTS, Microsoft, Microsoft MCP, Microsoft MCSA

IT services group celebrates staff success

Leave a comment

Senior systems engineer Adam Willford and systems engineer Alex Taylor have been awarded the Microsoft Certified Solutions Expert (MCSE) qualification after passing exams in the technology giant’s flagship credential.

The qualification is a globally recognised standard for IT professionals, and proves the individual’s ability to build innovative solutions across multiple technologies.

It demonstrates the holder’s competence in server and desktop infrastructure, the cloud, messaging, communication, data platform and business intelligence.

Senior helpdesk engineer Ben Coltman has become a Microsoft Certified Professional (MCP) after passing the first of two exams, which shows his IT professionalism and technical expertise.

This first level covers a wide range of Microsoft products, technologies and solutions and the exam involves multiple choice questions, drag and drop questions and hotspot questions along with scenario-based ones.

Meanwhile, helpdesk apprentice Sam Wood has passed the first part of two CompTIA A+ examinations which are seen as the starting point for a career in IT.

The tests cover maintenance of PCs, mobile devices, laptops, operating systems and printers.

CompTIA, also known as the Computing Technology Industry Association, is a non-profit trade association, and looks to advance the global interests of IT professionals and IT channel organisations.

A few days before passing his CompTIA exam he also passed his test to become a Microsoft Certified Technology Associate (MTA).

Lee Evans, Vital Network Solutions’ managing director said: “Adam, Ben, Alex and Sam have worked really hard to gain these qualifications so well done to all of them, and we’re really pleased to be able to continue supporting them as their careers develop.

“Having highly-qualified employees is a major asset to us as we continue to grow year-on-year, and adds strength to our already highly competent IT management department.”

Founded in 1996, Vital has an annual turnover in excess of £1 million, and specialises in providing small and medium-sized businesses across Yorkshire with outsourced IT support and management services, advising, deploying and supporting Microsoft’s cloud and Office 365 solutions.

In 2013 Vital joined a group of only one per cent of Microsoft partners, including just 300 in the UK, when it was awarded Microsoft’s Cloud Accelerate partnership status, which has now been replaced by SMCS.

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCP Training at certkingdom.com

Microsoft MCSA

70-467 Designing Business Intelligence Solutions with Microsoft SQL Server 2012

Leave a comment

QUESTION 1
You are using SQL Server Management Studio (SSMS) to configure the backup for ABC
Solutions. You need to meet the technical requirements.
Which two backup options should you configure? (Choose two).

A. Enable encryption of the backup file.
B. Enable compression of the backup file.
C. Disable encryption of the backup file.
D. Disable compression of the backup file.

Answer: B,C

Explanation:

QUESTION 2
You need to convert the Production, Sales, Customers and Human Resources databases to
tabular BI Semantic Models (BISMs).
Which two of the following actions should you perform? (Choose two)

A. You should select the tabular mode option when upgrading the databases using the Database
Synchronization Wizard.
B. You should select the tabular mode destination option when copying the databases using SQL
Server Integration Services (SSIS).
C. You should select the tabular mode option during the installation of SQL Server Analysis
Services.
D. You should redevelop the projects and deploy them using SQL Server Data Tools (SSDT).

Answer: A,D

Explanation:

QUESTION 3
ABC users report that they are not receiving report subscriptions from SQLReporting01.
You confirm that the report subscriptions are not being delivered.
Which of the following actions should you perform to resolve the issue?

A. You should run the SQL Server 2012 Setup executable on SQLReporting01 to generate a
configuration file.
B. You should reset the password of the SQL Server Service account.
C. You should manually fail over the SSAS cluster.
D. You should restore the ReportServer database on SQLReporting01.

Answer: C

Explanation:

QUESTION 4
ABC users report that they are not receiving report subscriptions from SQLReporting01.
You confirm that the report subscriptions are not being delivered.
Which of the following actions should you perform to resolve the issue?

A. You should run the SQL Server 2012 Upgrade Wizard to upgrade the active node of the
SSAS cluster.
B. You should start the SQL Server Agent on the active node of the SSAS cluster.
C. You should restore the ReportServerTempDB database on SQLReporting01.
D. You should start the SQL Server Agent on SQLReporting01.

Answer: D

Explanation:

QUESTION 5
You need to make the SSAS databases available on SSAS2012 to enable testing from client
applications. Your solution must minimize server downtime and maximize database
availability.
What should you do?

A. You should detach the databases from the SSAS cluster by using SQL Server Management
Studio (SSMS) then attach the databases on SSAS2012.
B. You should copy the database files from the SSAS cluster to SSAS2012.
C. You should export the databases from the SSAS cluster by using SQL Server Management
Studio (SSMS) then import the databases on SSAS2012.
D. You should restore a copy of the databases from the most recent backup.

Answer: D

Explanation:

MCTS Training, MCITP Trainnig

Best Microsoft MCSA: SQL Server 2012 Certification, Microsoft 70-467 Training at certkingdom.com