Home Vendors New Files TQB Simulator Upload Files
Cisco Microsoft VMware Oracle Checkpoint IBM Exin RedHat ECCouncil PMI

Download Microsoft.70-411.ActualTests.2020-01-24.183q.tqb

Vendor: Microsoft
Exam Code: 70-411
Exam Name: Administering Windows Server 2012
Date: Jan 24, 2020
File Size: 23 MB
Download Exam
Taurus Exam Simulator Taurus Exam Simulator Taurus Exam Simulator Taurus Exam Simulator Taurus Exam Simulator

Demo Questions

Question 1
You are a network administrator of an Active Directory domain named contoso.com. 
You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the DHCP Server server role and the Network Policy Server role service installed. 
You enable Network Access Protection (NAP) on all of the DHCP scopes on Server1. You need to create a DHCP policy that will apply to all of the NAP non-compliant DHCP clients. 
Which criteria should you specify when you create the DHCP policy?
  1. The client identifier
  2. The user class
  3. The vendor class
  4. The relay agent information
Correct answer: B
Explanation:
   To configure a NAP-enabled DHCP server On the DHCP server, click Start, click Run, in Open, type dhcpmgmt. smc, and then press ENTER. In the DHCP console, open <servername>\IPv4. Right-click the name of the DHCP scope that you will use for NAP client computers, and then click Properties. On the Network Access Protection tab, under Network Access Protection Settings, choose Enable for this scope, verify that Use default Network Access Protection profile is selected, and then click OK. In the DHCP console tree, under the DHCP scope that you have selected, right-click Scope Options, and then click Configure Options. On the Advanced tab, verify that Default User Class is selected next to User class. Select the 003 Router check box, and in IP Address, under Data entry, type the IP address for the default gateway used by compliant NAP client computers, and then click Add. Select the 006 DNS Servers check box, and in IP Address, under Data entry, type the IP address for each router to be used by compliant NAP client computers, and then click Add. Select the 015 DNS Domain Name check box, and in String value, under Data entry, type your organization's domain name (for example, woodgrovebank. local), and then click Apply. This domain is a full-access network assigned to compliant NAP clients. 10.On the Advanced tab, next to User class, choose Default Network Access Protection Class. 11.Select the 003 Router check box, and in IP Address, under Data entry, type the IP address for the default gateway used by noncompliant NAP client computers, and then click Add. This can be the same default gateway that is used by compliant NAP clients. 12.Select the 006 DNS Servers check box, and in IP Address, under Data entry, type the IP address for each DNS server to be used by noncompliant NAP client computers, and then click Add. These can be the same DNS servers used by compliant NAP clients. 13.Select the 015 DNS Domain Name check box, and in String value, under Data entry, type a name to identify the restricted domain (for example, restricted. Woodgrovebank. local), and then click OK. This domain is a restricted-access network assigned to noncompliant NAP clients. Click OK to close the Scope Options dialog box. Close the DHCP console. Reference: http: //technet.microsoft.com/en-us/library/dd296905%28v=ws.10%29.aspx
  
To configure a NAP-enabled DHCP server 
  • On the DHCP server, click Start, click Run, in Open, type dhcpmgmt. smc, and then press ENTER. 
  • In the DHCP console, open <servername>\IPv4. 
  • Right-click the name of the DHCP scope that you will use for NAP client computers, and then click Properties. 
  • On the Network Access Protection tab, under Network Access Protection Settings, choose Enable for this scope, verify that Use default Network Access Protection profile is selected, and then click OK. 
  • In the DHCP console tree, under the DHCP scope that you have selected, right-click Scope Options, and then click Configure Options. 
  • On the Advanced tab, verify that Default User Class is selected next to User class. 
  • Select the 003 Router check box, and in IP Address, under Data entry, type the IP address for the default gateway used by compliant NAP client computers, and then click Add. 
  • Select the 006 DNS Servers check box, and in IP Address, under Data entry, type the IP address for each router to be used by compliant NAP client computers, and then click Add. 
  • Select the 015 DNS Domain Name check box, and in String value, under Data entry, type your organization's domain name (for example, woodgrovebank. local), and then click Apply. This domain is a full-access network assigned to compliant NAP clients. 10.On the Advanced tab, next to User class, choose Default Network Access Protection Class. 11.Select the 003 Router check box, and in IP Address, under Data entry, type the IP address for the default gateway used by noncompliant NAP client computers, and then click Add. This can be the same default gateway that is used by compliant NAP clients. 12.Select the 006 DNS Servers check box, and in IP Address, under Data entry, type the IP address for each DNS server to be used by noncompliant NAP client computers, and then click Add. These can be the same DNS servers used by compliant NAP clients. 13.Select the 015 DNS Domain Name check box, and in String value, under Data entry, type a name to identify the restricted domain (for example, restricted. Woodgrovebank. local), and then click OK. This domain is a restricted-access network assigned to noncompliant NAP clients. 
  • Click OK to close the Scope Options dialog box. 
  • Close the DHCP console. 
Reference: http: //technet.microsoft.com/en-us/library/dd296905%28v=ws.10%29.aspx
Question 2
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and has the Network Policy Server role service installed. 
An administrator creates a RADIUS client template named Template1. 
You create a RADIUS client named Client1 by using Template 1. 
You need to modify the shared secret for Client1. 
What should you do first?
  1. Configure the Advanced settings of Template1.
  2. Set the Shared secret setting of Template1 to Manual.
  3. Clear Enable this RADIUS client for Client1.
  4. Clear Select an existing template for Client1.
Correct answer: D
Explanation:
Clear checkmark for Select an existing template in the new client wizard. In New RADIUS Client, in Shared secret, do one of the following:Bullet Ensure that Manual is selected, and then in Shared secret, type the strong password that is also entered on the RADIUS client. Retype the shared secret in Confirm shared secret.       
Clear checkmark for Select an existing template in the new client wizard. 
In New RADIUS Client, in Shared secret, do one of the following:
Bullet Ensure that Manual is selected, and then in Shared secret, type the strong password that is also entered on the RADIUS client. Retype the shared secret in Confirm shared secret. 
  
  
Question 3
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. 
The domain contains a server named Server1 that has the Network Policy Server server role and the Remote Access server role installed. The domain contains a server named Server2 that is configured as a RADIUS server. 
Server1 provides VPN access to external users. 
You need to ensure that all of the VPN connections to Server1 are logged to the RADIUS server on Server2. 
What should you run?
  1. Add-RemoteAccessRadius -ServerNameServer1 -AccountingOnOffMsg Enabled -SharedSecret "Secret" -Purpose Accounting
  2. Set-RemoteAccessAccounting -AccountingOnOffMsg Enabled -AccountingOnOffMsg Enabled
  3. Add-RemoteAccessRadius -ServerName Server2 -AccountingOnOffMsg Enabled -SharedSecret "Secret" -Purpose Accounting
  4. Set-RemoteAccessAccounting -EnableAccountingType Inbox -AccountingOnOffMsg Enabled
Correct answer: C
Explanation:
Add-RemoteAccessRadius Adds a new external RADIUS server for VPN authentication, accounting for DirectAccess (DA) and VPN, or one-time password (OTP) authentication for DA. AccountingOnOffMsg<String> Indicates the enabled state for sending of accounting on or off messages. The acceptable values for this parameter are:Enabled. Disabled. This is the default value. This parameter is applicable only when the RADIUS server is being added for Remote Access accounting.
Add-RemoteAccessRadius 
Adds a new external RADIUS server for VPN authentication, accounting for DirectAccess (DA) and VPN, or one-time password (OTP) authentication for DA. 
AccountingOnOffMsg<String> 
Indicates the enabled state for sending of accounting on or off messages. The acceptable values for this parameter are:
  • Enabled. 
  • Disabled. This is the default value. 
This parameter is applicable only when the RADIUS server is being added for Remote Access accounting.
CONNECT US
EXAM SIMULATOR

How to Open TQB Files?

Use Taurus Exam Simulator to open TQB files

Taurus Exam Simulator


Taurus Exam Simulator for Windows/macOS/Linus

Download

We does not sell or support this software
Taurus Exam Studio
Enjoy a 20% discount on Taurus Exam Studio!

You now have the chance to acquire Exam Studio at a discounted rate of 20%.

Get Now!