70-410 Q/A Flashcards Preview

MCSE > 70-410 Q/A > Flashcards

Flashcards in 70-410 Q/A Deck (272)
Loading flashcards...
1
Q

Which type of zone prevents the DNS server from looking outside the zone on the DNS server to resolve a name?

A

A root zone

2
Q

What is the default location for Work Folders on a client computer?

A

%USERPROFILE%\Work Folders

3
Q

What is the default number of pooled MAC addresses available to a server running Hyper-V?

A

256

4
Q

Which generation(s) of virtual machines supports both VHDs and VHDXs?

A

Generation 1 virtual machines only

5
Q

After you have selected Save my settings for future connections to this virtual machine and then clicked Connect to connect a virtual machine that supports enhanced session mode in a Virtual Machine Connection session, where is the configuration file saved?

A

%appdata%\roaming\Microsoft\Windows\Hyper-V\Client\1.0

6
Q

What Windows Server 2012 R2 function replaced the Snapshot function in Hyper-V manager of Windows Server 2008 and Windows Server 2012?

A

Checkpoint

7
Q

Which IPv6 prefix is a unique local unicast allocation?

A

FC00::/7

8
Q

What utility can you use to enable remote management on a Server Core installation of Windows Server?

A

sconfig

9
Q

Why do pass-through disks give better performance than virtual disks for a virtual machine on a Hyper-V host?

A

Pass-through disks allow for the virtual machines to get raw disk access, which is important when you have a storage operating system controlling the drives.

10
Q

Which Windows server versions can run as a guest operating system on a Hyper-V host that can use a virtual Fiber Channel Adapter to connect to an attached virtual SAN?

A

Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2

11
Q

Why does Microsoft recommend that you create a new Group Policy Object (GPO) for AppLocker in environments where both Software Restriction Policies and AppLocker are in place?

A

If you upgrade a computer that uses Software Restriction Policies to Windows Server 2012 R2 or Windows 8.1, and then implement AppLocker rules, only the AppLocker rules will be enforced.

12
Q

What Hyper-V feature introduced in Windows Server 2008 R2 defines the startup memory as the minimum amount of memory that a virtual machine can have?

A

Dynamic Memory

13
Q

Which tool do you use to edit a local Group Policy on a computer?

A

You can open and edit a GPO by using the Group Policy Editor

14
Q

How do you hide a share so that it is not visible in the network, but allows users that have the appropriate permissions to access the folder?

A

Create a hidden share by putting a dollar sign ($) after the share name

15
Q

Which IPv6 prefix is a global unicast allocation?

A

2000::/3

16
Q

If you have a domain with both Windows Server 2012 and Windows Server 2008 servers, which cmdlet must you run before you configure anything using a PowerShell cmdlet on a Windows Server 2008 server Core edition server?

A

Import-module ServerManager

17
Q

Which type of zone resolves an IP address to a name?

A

A reverse lookup zone

18
Q

What does the Block all connections setting on a Firewall profile block?

A

Blocks all connections, regardless of any firewall rules that explicitly allow the connection

19
Q

Which generation(s) of virtual machines allows the VM to boot using Ipv4?

A

Both Generation 1 and Generation 2 virtual machines

20
Q

What subnet mask would you use to further divide the 10.10.0.0/16 network to a subnet that supports up to 2100 hosts?

A

/20 or 255.255.240.0 which supports 2^12-2 or 4094 hosts per subnet

21
Q

Which DHCP option number specified a list of IP addresses for DNS name servers available to the client?

A

006

22
Q

Which services under Integration Services in Hyper-V Manager can you make available to a virtual machine?

A

Operating system shutdown, Time synchronization, Data Exchange, Heartbeat, Backup (volume snapshot)

23
Q

How can you use the Recycle Bin to retrieve yesterday’s version of a document that was mistakenly updated with erroneous information today?

A

You can’t. The Recycle Bin can only be used to retrieve files that have been deleted, not updated

24
Q

Which cmdlet creates a point-in-time image of a virtual machine for later use?

A

Checkpoint-VM

25
Q

Which new feature of Windows Server 2012 R2 moves frequently accessed data to solid-state drives, and infrequently accessed data to slower drives?

A

Storage tiers

26
Q

How do you recover a lost command prompt on a Server Core installation of Windows Server 2012 R2?

A

Press Ctrl+Alt+Del and select Task Manager. From the File menu chose Run new task and enter cmd.exe.

27
Q

Which Ports and protocols should you enable on a Windows Firewall for a Windows Server 2012 R2 acting as a VPN server to allow inbound L2TP connections?

A

UDP port 500 and 4500 as well as IP Protocol ID 50

28
Q

Can you upgrade from a windows server 2008 R2 Server Core installation to the Server with a GUI mode of Windows Server 2012 R2 in one step?

A

No. You must first upgrade your Server Core installation to Windows Server 2012 R2 Core, then switch to the GUI mode of Windows Server 2012 R2

29
Q

What are the four steps for Windows Server Migration Tools installation and preparation?

A
  1. Install Windows Server Migration Tools on destination servers that run Windows Server 2012 R2
  2. Create deployment folders on destination servers that run Windows Server 2012 R2, for copying to source servers.
  3. Copy deployment folders from destination servers to source servers.
  4. Register Windows Server Migration Tools on source servers.
30
Q

What are the first valid subnets that you can use if you need to subdivide the 192.168.0.0/24 into three subnets with 57 computers on each subnet?

A

192.168.0.0/26, 192.168.0.64/26, 192.168.0.128/26

31
Q

How many domain controllers can have the domain naming master role?

A

Only one domain controller per forest

32
Q

What type of condition would you apply to an AppLocker rule to restrict users from running a specific version number of a program?

A

A file hash rule

33
Q

What path on a domain controller contains the Group Policy files?

A

%SystemRoot%\SYSVOL\Domain\Policies\GPOGUID path, where GPOGUID is the GUID of the Group Policy container

34
Q

Which component relays DHCP messages between DHCP clients and DHCP servers on different IP networks separated by a router that is not RFC 1542 compliant?

A

The DHCP Relay Agent

35
Q

What Windows Server 2012 R2 functionality allows communication between IPv6 and IPv4 networks that are behind NAT servers when you cannot use ISATAP or 6to4?

A

Teredo

36
Q

What tool can you use to migrate some server roles, features, operating system settings, shares and other data from computers that are running certain editions of Windows Server 2003 R2 to computers that are running Windows Server 2012 R2?

A

Windows Server Migration Tools

37
Q

When configuring MAC address ranges on different Hyper-V hosts, what guidelines should you follow?

A

The ranges that you specify cannot overlap, the first three octets of the beginning and ending MAC address must be the same, you must enter a valid hexadecimal values between 00 and FF

38
Q

When a virtual machine snapshot is deleted, why is the deleted snapshot’s storage space available without requiring a VM restart?

A

In Windows Server 2012, operations that keep the virtual machines and any remaining snapshots synchronized after deleting a snapshot occur while the VM remains running.

39
Q

What type of storage layout from a storage pool is best suited for archival data and streaming media, such as music and videos?

A

Parity Spaces

40
Q

Software based keyboards are found in which generation(s) of virtual machines?

A

Generation 2 only

41
Q

What permissions are assigned to the parent OU and child OU when you create a child OU that has the Protect object from accidental deletion setting enabled?

A
  1. An explicit Deny ACEs for the Delete and Delete Subtree advanced permissions for the Everyone group is applied to the child OU
  2. An explicit Deny ACE for the Delete All Child Objects permission for the Everyone group is applied to the parent container OU
42
Q

Which feature of the Hyper-V role allows you to specify whether a VM is allowed to change its source MAC address for outgoing frames?

A

MAC address spoofing

43
Q

Which Generation(s) of virtual machines can have a boot disk with either a MBR partition table or GPT partition table?

A

Generation 2 virtual machines only

44
Q

What happens to the original *.vhd file after you choose the Convert option in the Virtual Hard Disk wizard?

A

The original *.vhd file is retained along with the new *vhdx file that contains the contents of the original *.vhd file.

45
Q

How would you grant a group of users the authority to reset user’s passowrds for the OUs located in the domain?

A

On the OU, use the Delegation of Control Wizard to delegate the Reset user passwords and force password change at next logon task to the group.

46
Q

Which GPO setting manages mapped drives, scheduled tasks, environment variables, printer mappings and Start menu settings?

A

Preferences

47
Q

Which firewall profile is applied when a computer is connected to a domain through a public network?

A

Public profile

48
Q

What are the five characteristics that you can use to segregate or group client computers based on a DHCP policy?

A
  1. MAC address
  2. Vendor class
  3. User class
  4. Client identifier
  5. Relay agent information
49
Q

Which Hyper-V feature offloads the per-packet encryption operations from the VM to the NIC, resulting in substantial CPU savings?

A

Ipsec Task Offload (IpsecTO)

50
Q

What path in a GPO do you use to enable the Configure slow-link mode policy setting?

A

Computer Configuration \ Policies \ Administrative Templates \ Network \ Offline Files

51
Q

What are two ways to remove the GUI Management Tools from a full installation of Windows Server 2012 R2?

A

Run Uninstall-WindowsFeature or use Server Manager to remove the Graphical Management Tools and Infrastructure feature.

52
Q

What should you do to ensure that only authorized users are able to register their records in the DNS zone?

A

Create an Active Directory-integrated zone and configure the zone for secure dynamic updates only

53
Q

Which PowerShell cmdlet would you use to enable Windows PowerShell Remoting on a Windows Server 2012 R2 server core server so that commands typed in Windows PowerShell on one computer are able to run on another computer?

A

Enable-PSRemoting

54
Q

How do you upgrade from Windows Server 2008 Server Core installation to the Server with a GUI mode of Windows Server 2012 R2?

A

One-step upgrades are not supported. You must first upgrade your Server Core installation to Windows Server 2012 Server Core, then switch to the GUI mode of Windows Server 2012 R2.

55
Q

Which command can be used to redirect newly created computer accounts from the default container named CN=Computers to a specified container?

A

The redircmp command

56
Q

What feature of Windows Server 2012 R2 server allows the computer a local Internet router to provide a site with IPv6 connectivity over the IPv4 Internet?

A

6to4 router

57
Q

What feature in Windows Server 2008 and Windows Server 2012 enables users to reliably print from a RemoteApp program or from a terminal server desktop session to the correct printer on their client computer?

A

The Remote Desktop Easy Print driver

58
Q

Which type of virtual hard disk provides better use of physical storage space and is recommended for servers running applications that are not disk-intensive?

A

Dynamically expanding virtual hard drive that uses the VHDX format

59
Q

Which PowerShell cmdlet would you use to rename a Windows Server 2012 R2 Server Core server?

A

Rename-Computer

60
Q

When you want to set up a pass-through disk for a virtual machine, what state must you configure for the physical disk in the Disk Management snap-in?

A

Offline

61
Q

What is the term when one logical printer is connected to multiple printer devices through multiple ports of the print server?

A

A printer pool

62
Q

What is the minimum number of dynamic drives required to create a mirrored volume?

A

2

63
Q

Which cmdlet will create a new switch team that is manipulated by forwarding extensions in the Hyper-V Extensible Switch?

A

New-NetSwitchTeam

64
Q

When printer priorities are configured for print devices, what printer is allowed to print first?

A

The one with the highest priority, which is the one with the highest number assigned to it

65
Q

Which user right allows a user to add workstations to the domain?

A

The Add workstations to domain local policy

66
Q

What must an Enterprise Administrator do in Active Directory Users and Computers before moving a newly created child OU to a different parent OU?

A

On the properties of the child OU, under the Object tab, clear the Protect object from accidental deletion checkbox.

67
Q

What would be the reason to setup a virtual machine with a pass-through disk?

A

Pass through disks provide noticeably better performance

68
Q

Which local resources can be redirected to a virtual machine session through Virtual Machine Connection tool through enhanced session mode?

A
  • Display configuration
  • Audio
  • Printers
  • Clipboard
  • Smart cards
  • USB devices & drivers
  • Supported Plug and Play devices
69
Q

How can you copy AppLocker rules to another computer?

A

Export the AppLocker rules from a GPO or local security policy to an XML file, and import the XML file to another GPO or another local security policy

70
Q

After creating ADMX files to define registry-based policy settings on all client computers in the domain, what should you do to ensure that the custom ADMX file for the Chinese language is automatically available to all Group Policy administrators in the domain?

A

Create an ADML file and copy it to the SYSVOL\domain\policies\PolicyDefinitions[MUIculture] folder on the domain controller.

71
Q

Which IPv6 prefix is a link-scoped unicast allocation?

A

FE80::/10

72
Q

If a client has a DHCP reservation, the DHCP allow list is not enabled, and the client on the DHCP deny list, will the client receive an IP address from the DHCP server?

A

No. You’ll have to remove the MAC address for that client from the deny list.

73
Q

If a DNS server has both a conditional forwarder defined for a given domain and a server level forwarder, which forwarder will be used to resolve a query in the given domain?

A

The conditional forwarder

74
Q

Which generation(s) of virtual machines allows the VM to boot using IPv6?

A

Generation 2 virtual machines only

75
Q

What feature of a Generation 2 virtual machine helps prevent unauthorized code from running at boot time?

A

Secure Boot

76
Q

To open the Windows Firewall with Advanced Security from the Start screen, what do you type from the RUN prompt?

A

wf.msc

77
Q

Which feature of the Hyper-V role allows you to make services such as Volume Shadow copy Services, time synchronization and operating system shutdown available to a virtual machine?

A

Integration services

78
Q

Which user feature protects the computer from the unauthorized installation of any software?

A

User Account Control (UAC)

79
Q

Which feature introduced in Windows Server 2012 lets remote users run PowerShell commands from any web-enabled device?

A

Windows PowerShell Web Access

80
Q

For each IP network segment that contains DHCP clients but does not contain a DHCP server, what component must be installed if the router does not forward Bootp broadcasts?

A

The DHCP Relay Agent

81
Q

Which edition of Windows Server 2012 based operating system should be the source of the media that you use to create additional domain controllers running Windows Server 2012 R2 Datacenter edition with the install from media (IFM) method?

A

Windows Server 2012 R2 Datacenter Addition

82
Q

What allows a virtual machine to connect to a virtual SAN attached to a Windows Server 2012 server with the Hyper-V role installed?

A

Virtual Fiber Channel Adapter

83
Q

Which Hyper-V feature allows you to have a VM change its source MAC address for outgoing packets?

A

MacAddressSpoofing

84
Q

What is the difference between “Same Sign-On” and “Single Sign-On”?

A

“Single Sign-On” is used with ADFS and allows users to access resources without being prompted for credentials if they are logged in to the AD network. “Same Sign-On” prompts users for credentials even if they are logged in to the AD network.

85
Q

What PowerShell cmdlet creates a snapshot of each virtual machine on a Windows Server 2012 R2 server that is running the Hyper-V role?

A

Get-VM –ComputerName (name of Hyper-V server) | Checkpoint-VM

86
Q

Which command allows you to remotely execute commands on a Windows Server 2012 R2 server?

A

winrs

87
Q

What will happen if all scopes on a DHCP server are deactivated, but the DHCP server is authorized?

A

The scope must be activated to issue IP addresses to clients on the subnet

88
Q

What type of condition would you apply to an AppLocker rule to restrict users from installing software in a particular location?

A

A path rule

89
Q

If you have multiple GPOs on a Windows Server 2012 server, in what order are the local GPOs processed?

A
  1. Local Group Policy
  2. Administrator and Non-Administrator Group Policy
  3. User-specific Local Group Policy
90
Q

How can you perform an in-place upgrade from Windows Server 2008 server with a 32-bit processor to Windows Server 2012 R2?

A

In-place upgrades from 32-bit to 64-bit architectures are not supported. You must perform a clean installation on hardware with a 64-bit processor.

91
Q

What type of AppLocker rules are available to configure in a GPO for Windows 8.1 or Windows Server 2012 R2 computers?

A

Packaged app rules, executable rules, Windows Installer rules and script rules

92
Q

Which generation(s) of virtual machines allows a virtual machine to boot from a device attached to a SCSI controller?

A

Generation 2 virtual machines only

93
Q

When can single-root I/O virtualization (SR-IOV) be configured in Virtual Switch Manager?

A

Only when a virtual switch is created

94
Q

How must you configure a Windows Server 2012 R2 server in a workgroup with the DNS serer role loaded in order to support Active Directory Zones?

A

Make the server a domain controller

95
Q

Which PowerShell cmdlet modifies properties of OU?

A

Set-ADOrganizationalUnit

96
Q

How do you use Server Manager to uninstall the graphical user interface (GUI) on a full installation of Windows Server 2012 R2?

A

From Server Manager, uninstall the User Interfaces and Infrastructure feature

97
Q

What action must you perform on a running Generation 2 virtual machine before disabling Secure Boot?

A

Power off the VM

98
Q

Why do you need RSAT for Windows 8 to manage servers running Windows Server 2012 R2?

A

Server Manager running Windows Server 2012 or Windows 8 cannot be used to manage servers that are running Windows Server 2012 R2

99
Q

What feature of Hyper-V in Windows Server 2012 R2 uses disk resources as additional temporary memory when more memory I required to restart a virtual machine?

A

Smart Paging

100
Q

To configure Windows PowerShell Web Access, what three things must you do?

A
  1. Install Windows PowerShell Web Access
  2. Configure the gateway
  3. Configure authorization rules that allow users access to the Web-based Window PowerShell console
101
Q

Why can you not use distribution groups to assign permissions explicitly or implicitly through membership in other groups for resources?

A

Unlike security groups, distribution groups are not security principals

102
Q

Which installation method can reduce the replication traffic that is initiated during the installation of an additional domain controller in an Active Directory domain?

A

The install from media (IFM) method

103
Q

How can domain administrators disable the processing of local GPOs on clients that are running Windows client and Windows Server operating systems?

A

By enabling the Turn Off Local Group Policy Object Processing policy setting in a domain GPO

104
Q

Which service should you restart to re-register all SRV records for a domain controller?

A

The NetLogon service

105
Q

What should you do to allow AppLocker rules to test what software will be affected by the rules when they are implemented

A

Set enforcement to Audit

106
Q

What is the role of the Teredo server?

A

To assist the Taredo clients with address configuration and to facilitate IPv6 connectivity on an IPv4 Internet

107
Q

Which service, if stopped, will prevent AppLocker policies from being enforced?

A

The Application Identity service

108
Q

Which cmdlet(s) can you use to create a domain controller on a Server Core installation of Windows Server 2012 R2?

A

install-windowsfeature – Name AD-Domain-Services
or
get-windowsfeature AD-Domain-Services | install-windowsfeature
and
Install-ADDSDomainController

109
Q

Under what circumstances can you NOT perform an in-place upgrade to Windows Server 2012?

A

In-Place upgrades are NOT supported:
• From a 32-bit edition of Windows Server
• From one language to another
• From one build type to another
• From a Server Core installation directly to a full installation (GUI mode)
• From a pre-release version of Windows Server 2012

110
Q

Which command is used to configure one or many servers with an SCW-generated policy?

A

Scwcdm

111
Q

How must you configure a member server with the DNS server in a domain with the DNS server role loaded to support Active Directory zones?

A

Make the server a domain controller

112
Q

What subnet mask would you use to further divide the 192.168.0.0/24 network to a subnet that supports up to 110 hosts?

A

/25 or 255.255.255.128

113
Q

What are the two enforced options that can be set on the enforcement of AppLocker executable rules, Windows Installer rules, script rules and packaged app rules?

A

Enforce Rules and Audit

114
Q

If you upgrade a computer that is using Software Restriction Policies to Windows Server 2012 R2 or Windows 8.1, and then implement AppLocker rules, which set of policies is enforced?

A

Only the AppLocker rules are enforced

115
Q

Which cmdlet will install Work Folders on a Windows Server 2012 R2 server?

A

Install-WindowsFeature FS-SyncShareService

116
Q

What technology uses 128-bit IP addresses and allows for the use of 340 undecillion addresses?

A

IPv6

117
Q

Which PowerShell cmdlet modifies the properties of a computer account?

A

Set-ADComputer

118
Q

How does the load balancing and failover of network traffic differ between Windows Server 2012 and Windows Server 2012 R2?

A

Unlike Windows Server 2012, Windows Server 2012 R2 provides a balanced load distribution between NICs in a NIC team

119
Q

What command enables Server Manager remote management and enables all required firewall rule exceptions?

A

Configure-SMRemoting.exe –enable

120
Q

Which Operation master role is responsible for assigning Security Identifiers (SIDs) to objects such as users and groups?

A

RID Master

121
Q

What IPv6 transition technology defines a method for generating a link-local IPv6 address from an IPv4 address, and a mechanism to perform Neighbor Discovery on top of IPv4?

A

ISATAP

122
Q

Which PowerShell cmdlet deletes user accounts?

A

Remove-ADUser

123
Q

What PowerShell cmdlet would you use to set a static IP address on a Windows Server 2012 R2 Server Core?

A

New-NetIPAddress

124
Q

If you had a Restricted Group setting and a Preference setting in the membership of a group in a Group Policy Object, which setting would apply?

A

The Restricted Group setting would apply because GPO policy settings take priority over GPO preference settings if there is a conflict

125
Q

What cmdlet can you use to enable firewall rules for remote management on a Server Core installation of Windows Server 2012 R2?

A

Enable-NetFirewallRule – DisplayGroup “Windows Remote Management”

126
Q

What type of AppLocker rule would you use to control an application from the Windows Store?

A

A packaged app rule

127
Q

What command provides an offline domain join of a Server Core version of Windows Server 2012 R2 and loads the computer metadata from a file so it can be used to add the %SystemRoot% folder of the computer that you want to join the domain?

A

djoin / requestODJ

128
Q

Which zone is designed to resolve single-label names?

A

The GlobalNames zone

129
Q

Which cmdlet will remove a network adapter member from a switch team?

A

Remove-NetSwitchTeamMember

130
Q

Which user can always change permissions on an object, even when that user is denied all access to the object?

A

The user or group that is the owner of the object

131
Q

When creating a template user account, why should you set the Account is Disabled property on the account?

A

So no one can use it to log in.

132
Q

Which generation(s) of virtual machines use a virtual floppy disk to contain an unattended install answer file?

A

Generation 1 virtual machines only

133
Q

To specify the Accounts:Rename Administrator account policy to rename the local Administrator account on a computer to a different name, what path in the GPO must you search for the policy?

A

Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\Security Options

134
Q

Which firewall profile is applied when a computer is connected to a network in which the computers domain account resides?

A

Domain Profile

135
Q

What PowerShell cmdlet would you use to display the settings that have been enabled in a particular GPO

A

The Get-GPOReport cmdlet

136
Q

Why does a striped volume offer better write performance than a RAID-5 volume?

A

A RAID-5 volume writes both parity blocks and data blocks, so it does not offer the write performance of a striped volume which only writes data blocks.

137
Q

Which new feature of Windows Server 2012 R2 reduces the latency of writes by buffering small random writes to solid-state drives?

A

Write-block cache

138
Q

Which ports and protocols should you enable on the Windows Firewall for a Windows Server 2012 R2 acting as a VPN server to allow inbound PPTP connections?

A

TCP port 1723 and IP Protocol ID 47

139
Q

What are the differences between firewall rules and connection security rules?

A
  • Firewall rules allow traffic through, but do not secure that traffic
  • Connection security rules can secure the traffic, but only if a firewall rule was previously configured
140
Q

Which ports and protocols should you enable on the Windows Firewall for a Windows Server 2012 R2 acting as a VPN server to allow inbound SSTP connections?

A

TCP Port 443

141
Q

Is it possible to use Server Manager on a Windows Server 2008 R2 server to install roles on a Server Core installation of Windows Server 2012 R2?

A

No, you must use the version of Server Manager available in Windows Server 2012 R2 or the Remote Server Administration tools for Windows 8 or Windows 8.1

142
Q

What type of storage layout from a storage pool is supported in a failover cluster of Windows Server 2012 R2, but not Windows Server 2012?

A

Parity Spaces

143
Q

What setting of a virtual machine in Hyper-V manager allows you to select the order in which boot devices are checked to start the operating system?

A

Startup Order

144
Q

How do you remove the binary files to free up space on the server when you uninstall a role or feature with the Windows PowerShell cmdlet Uninstall-WindowsFeature ?

A

Use the Remove option with the Uninstall-WindowsFeature cmdlet

145
Q

What are two ways to display the IPv6 Route Table on a Windows Server 2012 R2 server from the PowerShell prompt?

A

Run either the netstat -r command or the Get-NetRoute cmdlet from the PowerShell prompt

146
Q

Which group can reduce the number of users that belong to the local Administrators group while providing users with access to Hyper-V?

A

Hyper-V Administrators

147
Q

Which feature of the Hyper-V role allows you to charge departments based on how much resources the virtual machines assigned to a particular department use?

A

Resource metering

148
Q

What will happen if all scopes on a DHCP server are activated, but the DHCP server is not authorized?

A

If the DHCP server is not authorized, it will not lease IP addresses to DHCP clients.

149
Q

To create installation media ofr a full (writable) domain controller, what command must you run on a writable domain controller that is running Windows Server 2012 R2?

A

The ntdsutil ifm command

150
Q

When enabled, what feature of Hyper-V in Windows Server 2012 R2 allows network traffic to bypass the software switch layer of the Hyper-V virtualization stack?

A

Single Root I/O Virtualization (SR-IOV)

151
Q

What does the Block setting on a Firewall profile block?

A

Blocks all connections that do not have firewall rules that explicitly allow the connection

152
Q

What two commands allow you to view installed updates on a Server Core installation of Windows Server 2012 R2?

A

Either the systeminfo command or the wimic qfe list command

153
Q

How many domain controllers can have the PDC emulator role?

A

Only one domain controller per domain

154
Q

Which user right gives a user permissions to back up files and folders on a computer but not restore them?

A

The Back up files and directories local policy

155
Q

Which DHCP option number specifies a list of IP addresses for routers on the clients subnet?

A

003

156
Q

Which local group(s) membership on a member server allows the user to back up and restore files and directories on the server?

A

Membership in the Administrators OR Backup Operators Groups

157
Q

What compromises the membership list of a domain local group?

A
  • Users and computers from any trusted domain
  • Global groups from any trusted domain
  • Universal groups from within the forest
  • Domain local groups from the same domain
158
Q

Which user feature protects the computer from the unauthorized installation of any software?

A

User Account Control (UAC)

159
Q

What type of partition table will support a volume over 2 TB?

A

A GUID partition table (GPT) type

160
Q

What technology is an address-assignment technology that you can use to provide unicast IPv6 connectivity between IPv6/IPv4 hosts over an IPv4 intranet?

A

ISATAP

161
Q

Which version of the Windows operating system allows you to create parity spaces on failover clusters?

A

Windows Server 2012 R2

162
Q

What are three ways that you can configure a Server Core installation of Windows Server 2012 R2 to automatically download Windows Updates from a specific WSUS server?

A
  • Using Group Policy Object Editor and editing the Local Group Policy object
  • Editing the registry directly by using the registry editor (regedit.exe)
  • Centrally deploying these registry entries by using System Policy in Windows NT 4.0 style
163
Q

Which guest operating system(s) support enhanced session mode connections?

A

Windows Server 2012 R2 and Windows 8

164
Q

Which file on a domain controller contains all resource records for the Active Directory domain controller, including its SRV records?

A

Netlogon.dns in the %systemroot%\System32\Config folder

165
Q

What cmdlet will remove a specified NIC team from a Windows Server 2012 R2 Server Core installation?

A

Remove-NetLbfoTeam

166
Q

Which type of zone will prevent the use of forwarders or the use of root DNS servers listed in the Root Hints tab of the DNS server?

A

A root zone

167
Q

What is the term for the folder that is created in the SYSVOL folder of an Active Directory domain controller and is used to provide a centralized storage location for ADMX and ADML files for the domain?

A

Central store

168
Q

What is the maximum size of a file that can be stored in a Work Folder?

A

10 GB

169
Q

What is the difference between a fixed size virtual hard disk and a dynamically expanding virtual hard disk?

A
  • A fixed size disk uses the size of the virtual hard disk and does not change when data is deleted or added
  • A dynamically expanding disk is created small, and changes as data is added
170
Q

What cmdlet removes the routing entry for the default gateway before applying a new one?

A

Remove-NetRoute -DestinationPrefix ::/0 -confirm

171
Q

What comprises the membership list of a local group on a member server?

A
  • Users and computers from any trusted domain
  • Global groups from any trusted domain
  • Universal groups from any trusted domain
172
Q

How many domain controllers can have the schema master role?

A

Only one domain controller per forest

173
Q

What deprecated command in Windows Server 2012 allows you to perform unattended installations of Windows Server 2012 R2 domain controllers with legacy scripts that have not been converted to PowerShell?

A

dcpromo /unattended

174
Q

Which command would you run to add a domain user account to the local Administrators group on a Windows Server 2012 R2 Server Core server?

A

net localgroup administrators / add \

175
Q

Which cmdlet compares the current DSC configuration and the actual DSC configuration?

A

Test-DscConfiguration

176
Q

What parameter must you use with the Dism command to mount an offline Windows image?

A

/Mount-Image

177
Q

Which domain controller should be in the source of the media that you use to create additional domain controllers with the install from media (IFM) method?

A

A domain controller in the same domain as the new domain controller

178
Q

How do you export AppLocker rules from a GPO in one domain to another GPO in another domain?

A

Export the AppLocker rules from the source GPO to an XML file. Import the XML file with Group Policy Editor on the destination GPO

179
Q

What action must you perform before attaching a VHDX from a Generation 2 virtual machine to a Generation 1 virtual machine?

A

None. VHDXs created on Generation 2 virtual machines will work on Generation 1 virtual machines

180
Q

Which new feature of Windows Server 2012 R2 protects against simultaneous physical disk failures by storing two copies of parity information in the parity space?

A

Dual parity

181
Q

Which cmdlet replaces the Remove-WindowsFeature cmdlet in Windows Server 2012?

A

Uninstall-WindowsFeature

182
Q

If a 3 GB file is compressed to 2 GB, what file size will count toward the disk quota?

A

3 GB will be counted toward the disk quota because compressed files are tracked based on their uncompressed sizes.

183
Q

Which type of GPO allows you to create a baseline from which you can build GPOs?

A

A Starter GPO

184
Q

What feature or functionality must you disable on a Generation 2 virtual machine to enable kernel debugging on the virtual machine?

A

Secure Boot

185
Q

Which cmdlet would you use to apply a PowerShell DSC configuration?

A

Start-DscConfiguration

186
Q

What type of condition would you apply to an AppLocker rule to restrict users from running software from a specific software vendor?

A

A publisher rule

187
Q

What Group Policy setting provides faster access to cached files and redirected folders by providing lower bandwidth usage because users are always working offline, even when they are connected through a high-speed network connection?

A

Enable the Always Offline mode by using Group Policy to enable the Configure slow-link mode policy setting

188
Q

What type of group can include users from any domain within a forest, and can be assigned permissions for in any domain in the forest?

A

A universal group

189
Q

Which feature of Windows Server 2012 and above allows the server to have the ability ot operate multiple NICs as a single interface?

A

NIC teaming

190
Q

What prevents a range of IP addresses within a DHCP scope from being leased to any computer?

A

Scope exclusion

191
Q

Which virtual hard disk format, VHD or VHDX, is recommended for servers needing ore than 2 TB of storage?

A

VHDX

192
Q

Which PowerShell cmdlet creates a new NIC team that consists of one or more network adapters?

A

New-NetLbfoTeam

193
Q

Which IPv6 prefix is a multicast allocation?

A

FF00::/8

194
Q

Why would you get the error *** Can’t find server name for address w.x.y.z: Timed out when starting the nslookup utility?

A

The name server does not exist or the name server does not have a PTR record in a reverse lookup zone

195
Q

Which command can be used to join a computer to a domain without contacting a domain controller?

A

djoin.exe

196
Q

Which user right gives user permission to change the time and date on the internal clock of the computer?

A

The Change the system time local policy

197
Q

If you have three disks with 600 GB free on each disk and you create a RAID-5 volume for the free space, how much disk space would be available to the user?

A

1200 GB (or 1.2 TB)

198
Q

How can you view cached lookups on a Windows DNS server?

A

By clicking View from the menu at the top of DNS Management and clicking Advanced

199
Q

What is the term that describes a physical print device being shared by multiple users while allowing the documents of one group of users to take precedence over documents from another group?

A

Printer priorities

200
Q

What feature in Hyper-V in Windows Server 2012 R2 is used to bridge the memory gap between minimum memory and startup memory, and allow virtual machines to restart reliably?

A

Smart paging

201
Q

How can you filter objects in Active Directory Users and Computers to only display printer objects?

A

You can choose Filter Options, from the View menu and check Only Printers in the Filter Options screen

202
Q

What happens when you run dcpromo.exe with no parameters from a Windows Server 2012 R2 command prompt?

A

It will not work. You will get a message pointing you to Server Manager

203
Q

Which PowerShell cmdlet would you use to add a computer to a domain such that you will be prompted to supply credentials to join the domain?

A

Add-Computer

204
Q

What technology is similar to 6to4 in that it allows you to tunnel IPv6 packets over the IPv4 Internet?

A

Teredo

205
Q

What type of network adapter is required on a virtual machine to perform a network-based operating system installation for a Generation 1 VM?

A

Legacy network adapter

206
Q

Which command would you run on a Windows Server 2012 R2 server to force a group policy to apply to another Windows Server 2012 R2 computer named SRV2?

A

winrs –r:SRV2 gpupdate / force

207
Q

Which firewall profile is applied when a computer is connected to a network in which the computer’s domain account does not reside, such as a home network?

A

Private profile

208
Q

What setting of a virtual machine in Hyper-V manager specifies the behavior of the VM when the physical computer starts?

A

Automatic Start Action

209
Q

What command will display the Server Configuration menu on a Windows Server 2012 R2 Server Core server?

A

sconfig.cmd

210
Q

Which PowerShell cmdlet is used to create port mirroring?

A

Set-VMNetworkAdapter

211
Q

Which feature of the Hyper-V role allows you to specify limits on the physical hardware, such as setting the relative weight and the percentage of total system resources on a processor?

A

Resource Control

212
Q

Which command can be used to redirect newly created users from the default container named CN=Users to a specified container?

A

The redirusr command

213
Q

What should you load on Windows 7, Windows 8, or Windows 8.1 laptop to remotely manage roles and features in Windows Server 2012?

A

Remote Server Administration Tools (RSAT)

214
Q

What is the scope of the Restore-GPO cmdlet when restoring GPO backups?

A

It only restores GPO backups to the original domain where the GPO was saved

215
Q

What are the server requirements for implementing the Work Folders role service?

A
  • A server running Windows Server 2012 R2 for hosting sync shares with user files
  • A volume formatted with the NTFS file system for storing user files
216
Q

What parameter of the Import-GPO cmdlet will create the destination GPO if the GPO does not exist?

A

-CreateIfNeeded

217
Q

How do you configure Group Policy to specify the source files from which every server in the domain should install features or roles?

A

Specify the source in a Group Policy at Computer Configuration > Administrative Templates > System > Specify settings for optional component installation and component repair

218
Q

Which Parameter of the Dism command will allow you to remove the GUI interface from an image of a full installation of Windows Server 2012 R2?

A

/disable-feature

219
Q

When editing a Group Policy, which Flexible Single Master Operations (FSMO) role contains the version of the Group Policy that is being edited?

A

PDC Emulator

220
Q

Which Hyper-V features can be assessed by members of the Hyper-V Administrators group?

A

Members of the Hyper-V Administrators have complete and unrestricted access to all features of Hyper-V

221
Q

In Active Directory Users and Computers, how do you display the Security and Options tab in the properties of an OU?

A

You need to click View and then Advanced Features in Active Directory Users and Computers before clicking the properties of the OU

222
Q

Which PowerShell cmdlet would you use to install a DHCP server and a DNS server on a Server Core installation of Windows Server 2012 R2?

A

Install-WindowsFeature DHCP, DNS

223
Q

What command adds a remote server to the local computer’s TrustedHosts list in a Windows PowerShell session?

A

Set-Item wsman:\localhost\client\TrustedHosts -Concatenate –Force

224
Q

What must you enable on your computer to recover files that were accidently overwritten?

A

Shadow Copies of Shared Folders

225
Q

Which type of virtual hard disk is recommended for servers running applications with high levels of activity?

A

Fixed size VHD

226
Q

What does the term “Same Sign-On” mean with respect to the Windows Azure Active Directory Sync Tool?

A

Users that have their passwords synchronized to Windows Azure AD will be able to use the same username and password to login to their Azure AD services as well as their on-premises resources.

227
Q

What utility can you apply to a quota to a specific path on an NTFS volume?

A

File Server Resource Manager

228
Q

Which feature of the Hyper-V role allows traffic sent to or from a Hyper-V Virtual Switch port to be copied and sent to a mirror port?

A

Port mirroring

229
Q

What type of storage layout from a storage pool best suited for temporary data, such as video rendering files, image editor scratch files, and intermediary computer object files?

A

Simple spaces

230
Q

Which Hyper-V feature drops router advertisement and redirection messages from unauthorized VMs?

A

RouterGuard

231
Q

Which virtual hard disk format, VHD or VHDX, provides protection against corruption during power failures?

A

VHDX

232
Q

Which PowerShell cmdlet can be used to find a list of stale computers that have not be logged into by anyone in four weeks?

A

get-adcomputer

233
Q

What does the convert option do in the Virtual Hard Disk wizard?

A

It converts a virtual hard disk by copying the contents of a new virtual hard disk. It can convert a virtual disk from .VHD to .VHDX format or from .VHDX to .VHD format.

234
Q

What steps would you perform to delegate the Create, delete and manage user accounts taks to a group for an Organizational Unit (OU)?

A

In Active Directory Users and Computers, right-click and select Delegate Control

235
Q

How can you easily configure a Server Core installation of Windows Server 2012 R2 to automatically download Windows updates?

A

Use sconfig to configure Windows Updates

236
Q

How does an administrator repair or change permissions on a file in which the administrator has been denied permissions?

A

The administrator should take ownership of the file

237
Q

If a virtual machine has a legacy network adapter, how can you specify the minimum and maximum bandwidth that the adapter can use?

A

You must replace the legacy adapter with a non-legacy network adapter

238
Q

What types of storage layout from a storage pool will support up to two disk failures?

A

Mirror spaces

239
Q

Which feature of Hyper-V role addresses the scalability issue of VLANs where tenants each hve multiple virtual subnets?

A

Port Virtual Local Area Network

240
Q

What PowerShell cmdlet would you use to change a static IP address on a Windows Server 2012 R2 Server Core server?

A

New-NetIPAddress

241
Q

Why would you get the error *** ns.domain.com can’t find child.domain.com : Non-existent domain using the nslookup utility to query records in a child domain?

A

The name server does not allow zone transfers to the zone that contains records for the child domain

242
Q

To perform an offline domain join during an unattended operating system installation of Windows Server 2012 R2 Server Core, what command should you run first?

A

djoin /provision

243
Q

What is the default generation of a new virtual machine on Windows Server 2012 R2 server running Hyper-V?

A

Generation 1

244
Q

How can you ensure that Alice and John are members of the Backup Operators group on every computer in domain?

A

Configure Backup Operators as a restricted group in a GPO at the domain level with Alice and John as members

245
Q

What technology uses 32-bit IP addresses and allows for the use of 4 billion addresses?

A

IPv4

246
Q

How do you copy Windows Firewall with Advanced Security rules from one server to another?

A

In the Windows Firewall with Advanced Security MMC snap-in, click Export Policy to export the rules to a file. On the other server, open the Windows Firewall with Advanced Security MMC snap-in and click Import to the file.

247
Q

What type of AppLocker rule would you use to control an application from the Windows store?

A

A packaged app rule

248
Q

Which Hyper-V feature drops DHCP server messages coming from a VM?

A

DHCPGuard

249
Q

To reinstall a role or feature that has been completely removed from Windows Server 2012 R2, what resource(s) do you require?

A

Either the original installation source, or access to Windows Update

250
Q

Which utility do you use to create a domain controller on a server running the full GUI installation of Windows Server 2012 R2?

A

Server Manager

251
Q

What is the minimum number of dynamic drives required to create a RAID-5 volume?

A

3

252
Q

What feature of Hyper-V in a multitenant environment ensures that VMs belonging to one tenant do not consume excessive storage resources, affecting VMs that belong to another tenant?

A

Storage Quality of Service (QoS) for Hyper-V

253
Q

If a client has a DHCP reservation, there is a DHCP allow list enabled, and the client is not on the DHCP allow list, will the client receive an IP address from the DHCP server?

A

No. You’ll need to add the client’s MAC address to the list

254
Q

What subnet mas would you use to further divide the 10.10.0.0/16 network to a subnet that supports up to 525 hosts?

A

/22 or 255.255.252.0 which supports 2^10-2, or 1024 hosts per subnet

255
Q

Which operations master role is responsible for updating references from local objects to objects in other domains?

A

Infrastructure master

256
Q

What are two ways to remove Windows Explorer, Windows Internet Explorer and all related omponents and files from a full installation of Windows Server 2012 R2?

A

Run Uninstall-WindowsFeature or use Server manager to remove the Server Graphical Shell

257
Q

Which utility synchronizes user passwords from your on-premises Active Directory to Azure Active Directory, letting users access Microsoft Cloud Services with the same password that they use to access on-premises resources?

A

Windows Azure Active Directory Sync Tool

258
Q

What is the path to the central store that is used to store and replicate Windows policy files on a domain controller?

A

%logonserver%\sysvol\%userdnsdomain%\policies\PolicyDefinitions

259
Q

Which type of domain controller contains a partial, read-only replica of every domain in the forest other than its own domain?

A

Global catalog server

260
Q

What is the difference between soft quota and a hard quota?

A

A hard quota type will not allow the users to exceed the quota limit. A soft quota type will allow the user to exceed the quota limit. A soft quota type is used typically for monitoring storage use before implementing a hard quota type

261
Q

Which firewall rules should be configured to allow ping commands to work?

A

The correct echo rules, such as “File and Printer Shareing (Echo Request – ICMPv4-In)”

262
Q

What does the Allow setting on a firewall profile allow?

A

Allows the connection, unless there is a firewall rule that explicitly blocs the connection

263
Q

Which parameter of the Dism command will allow you to add a GUI interface to a Server Core installation of Windows Server 2012 R2?

A

/enable-feature

264
Q

What technology do you use to allow applications that do not support IPv6 to communicate with IPv6 hosts?

A

Port Proxy

265
Q

How can you deny specific computers from obtaining an IP address from a DHCP server?

A

Create a deny filter based on MAC address of the computer

266
Q

Which type of Windows server responds to forest-wide Lightweight Directory Access Protocol (LDAP) queries over port 3268?

A

The global catalog server

267
Q

What feature in a Group Policy policies allow you to control the membership of sensitive groups through Active Directory rather than through traditional group membership editing tools, such as Active Directory Users and Computers or PowerShell?

A

Restricted Groups

268
Q

If Joe has Full Control permissions to C:\Software on the server and Read Permissions to the share named Software that points to C:\Software on that server, will Joe be able to copy a file to the Software share of from another computer?

A

No, Joe will only have the effective permissions of the Read on the share

269
Q

If you use Windows Server 2008 R2 DNS server and implement ISATAP, what must you configure on the DNS server?

A

To allow name resolution for the ISATAP name, you must remove the ISATAP from the global query block list of the DNS server service for each DNS server on your Intranet running Windows Server 2008 R2 or Windows Server 2008.

270
Q

What is the difference between deleting a virtual machine snapshot in Hyper-V manager on Windows Server 2008 R2 versus Windows Server 2012?

A

When you delete a snapshot in Hyper-V Manager in Windows Server 2012, you do not have to restart or turn off the virtual machine to reclaim the space

271
Q

What comprises the membership list of a global group?

A
  • Users and computers from the same domain as the global group
  • Global groups from the same domain
272
Q

Which DHCP option number specifies the DNS domain name that the client should use for DNS computer name resolution?

A

015