Download Microsoft.70-411.TestKing.2018-09-10.176q.tqb

Vendor: Microsoft
Exam Code: 70-411
Exam Name: Administering Windows Server 2012
Date: Sep 10, 2018
File Size: 23 MB

Demo Questions

Question 1
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1. 
You run ntdsutil as shown in the exhibit.
  
You need to ensure that you can access the contents of the mounted snapshot. 
What should you do?
  A. From the snapshot context of ntdsutil, run activate instance "NTDS".
  B. From a command prompt, run dsamain.exe -dbpath c:\$snap_201204131056_volumec$\windows\ntds\ntds.dit -ldapport 389.
  C. From the snapshot context of ntdsutil, run mount {79f94f82-5926-4f44-8af0-2f56d827a57d}.
  D. From a command prompt, run dsamain.exe -dbpath c:\$snap_201204131056_volumec$\windows\ntds\ntds.dit -ldapport 33389.
Correct answer: D
Explanation:
By default, only members of the Domain Admins group and the Enterprise Admins group are allowed to view the snapshots because they contain sensitive AD DS data. If you want to access snapshot data from an old domain or forest that has been deleted, you can allow nonadministrators to access the data when you run Dsamain.exe. 
If you plan to view the snapshot data on a domain controller, specify ports that are different from the ports that the domain controller will use. 
A client starts an LDAP session by connecting to an LDAP server, called a Directory System Agent (DSA), by default on TCP and UDP port 389. The client then sends an operation request to the server, and the server sends responses in return. With some exceptions, the client does not need to wait for a response before sending the next request, and the server may send the responses in any order. All information is transmitted using Basic Encoding Rules (BER).
  
References:
http://technet.microsoft.com/en-us/library/cc753609(v=ws.10).aspx
Question 2
You are a network administrator of an Active Directory domain named contoso.com. 
You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the Web Server (IIS) server role installed. 
Server1 will host a web site at URL https://secure.contoso.com. The application pool identity account of the web site will be set to a domain user account named AppPool1.
You need to configure the Service Principal Name (SPN) for the web site. 
What should you run? To answer, drag the appropriate objects to the correct location. Each object may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Correct answer: To work with this question, an Exam Simulator is required.
Explanation:
Note:
* -s <SPN> 
Adds the specified SPN for the computer, after verifying that no duplicates exist. 
Usage: setspn -s SPN accountname
For example, to register SPN "http/daserver" for computer "daserver1":
setspn -S http/daserver daserver1 
Attn: with Windows 2008 the option is -a, but with Windows 2012 it started to show -s
Definition of an SPN 
An SPN is the name by which a client uniquely identifies an instance of a service. If you install multiple instances of a service on computers throughout a forest, each service instance must have its own SPN. A particular service instance can have multiple SPNs if there are multiple names that clients might use for authentication. For example, an SPN always includes the name of the host computer on which the service instance is running. Therefore, a service instance might register an SPN for each name or alias of its host. 
Adding SPNs 
To add an SPN, use the setspn -s service/name hostname command at a command prompt, where service/name is the SPN that you want to add and hostname is the actual host name of the computer object that you want to update. For example, if there is an Active Directory domain controller with the host name server1.contoso.com that requires an SPN for the Lightweight Directory Access Protocol (LDAP), type setspn -s ldap/server1.contoso.com server1, and then press ENTER to add the SPN.
The HTTP service class 
The HTTP service class differs from the HTTP protocol. Both the HTTP protocol and the HTTPS protocol use the HTTP service class. The service class is the string that identifies the general class of service. 
For example, the command may resemble the following command:
setspn -S HTTP/iis6server1.mydomain.com mydomain\appPool1
References:
http://support.microsoft.com/kb/929650/en-us
http://technet.microsoft.com/en-us/library/cc731241(v=ws.10).aspx
Question 3
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012 R2. DC1 is backed up daily. The domain has the Active Directory Recycle Bin enabled. 
During routine maintenance, you delete 500 inactive user accounts and 100 inactive groups. One of the deleted groups is named Group1. Some of the deleted user accounts are members of some of the deleted groups. 
For documentation purposes, you must provide a list of the members of Group1 before the group was deleted. 
You need to identify the names of the users who were members of Group1 prior to its deletion. 
You want to achieve this goal by using the minimum amount of administrative effort. 
What should you do first?
  A. Mount the most recent Active Directory backup.
  B. Reactivate the tombstone of Group1.
  C. Perform an authoritative restore of Group1.
  D. Use the Recycle Bin to restore Group1.
Correct answer: A
Explanation:
The Active Directory Recycle Bin does not have the ability to track simple changes to objects.  
If the object itself is not deleted, no element is moved to the Recycle Bin for possible recovery in the future. In other words, there is no rollback capacity for changes to object properties, or, in other words, to the values of these properties.