Free Version Lead2pass Microsoft 70-417 PDF Dumps With Exam Questions Download (211-220)

Lead2pass give latest exam questions for 70-417 lab certification and because of that, all of our candidates pass 70-417 certification without any problem. The biggest feature is the regular update of these latest exam questions, which keeps our candidates’ knowledge up to date and ensures their success.

QUESTION 211
Your network contains an Active Directory domain named contoso.com.
The domain contains two member servers named Server1 and Server2.

You install the DHCP Server server role on Server1 and Server2.
You install the IP Address Management (IPAM) Server feature on Server1.
You notice that you cannot discover Server1 or Server2 in IPAM.
You need to ensure that you can use IPAM to discover the DHCP infrastructure.
Which two actions should you perform? (Each correct answer presents part of the solution.
Choose two.)

A.    On Server2, run the Add-DhcpServer1nDc cmdlet
B.    On Server1, uninstall the DHCP Server server role.
C.    On Server1, run the Add-IpamServer1nventory cmdlet.
D.    On both Server1 and Server2, run the Add-DhcpServerv4Policy cmdlet.
E.    On Server2, create an IPv4 scope.

Answer: AC

QUESTION 212
Hotspot Question
You have a server named Server1 that has the Network Policy and Access Services server role installed.
You plan to configure Network Policy Server (NPS) on Server1 to use certificate-based authentication for VPN connections.
You obtain a certificate for NPS.
You need to ensure that NPS can perform certificate-based authentication.
To which store should you import the certificate? To answer, select the appropriate store in the answer area.

image_thumb

Answer:

image_thumb[1] 

QUESTION 213
Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Server1 that runs Windows Server 2012 R2.
Server1 has the Network Policy Server role service installed.
You plan to configure Server1 as a Network Access Protection (NAP) health policy server for VPN enforcement by using the Configure NAP wizard.
You need to ensure that you can configure the VPN enforcement method on Server1 successfully.
What should you install on Server1 before you run the Configure NAP wizard?

A.    The Remote Access server role
B.    A system health validator (SHV)
C.    A computer certificate
D.    The Host Credential Authorization Protocol (HCAP)

Answer: C

QUESTION 214
Your network contains an Active Directory domain named adatum.com.
The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 is configured as a Network Policy Server (NPS) server and as a DHCP server.
The network contains two subnets named Subnet1 and Subnet2. Server1 has a DHCP scope for each subnet.
You need to ensure that noncompliant computers on Subnet1 receive different network policies than noncompliant computers on Subnet2.
Which two settings should you configure? (Each correct answer presents part of the solution.
Choose two.)

A.    The NAS Port Type constraints
B.    The Health Policies conditions
C.    The Called Station ID constraints
D.    The NAP-Capable Computers conditions
E.    The MS-Service Class conditions

Answer: DE

QUESTION 215
Hotspot Question
Your network contains an Active Directory domain named fabrikam.com.
You implement DirectAccess and an IKEv2 VPN.
You need to view the properties of the VPN connection.
Which connection properties should you view? To answer, select the appropriate connection properties in the answer area.

image_thumb[7]

Answer:

  image_thumb[9]

QUESTION 216
Your network contains an Active Directory domain named contoso.com.
All client computers run Windows 8.
Your company has users who work from home. Some of the home users have desktop computers. Other home users have laptop computers. All of the computers are joined to the domain. All of the computer accounts are members of a group named Group1.
Currently, the home users access the corporate network by using a PPTP VPN.
You implement DirectAccess by using the default configuration and you specify Group1 as the DirectAccess client group. The home users who have desktop computers report that they cannot use DirectAccess to access the corporate network. The home users who have laptop computers report that they can use DirectAccess to access the corporate network.
You need to ensure that the home users who have desktop computers can access the network by using DirectAccess.
What should you modify?

A.    The WMI filter for Direct Access Client Settings GPO
B.    The conditions of the Connections to Microsoft Routing and Remote Access server policy
C.    The membership of the RAS and IAS Servers group
D.    The security settings of the computer accounts for the desktop computers

Answer: A

QUESTION 217
Your network contains an Active Directory forest. The forest contains two domains named contoso.com and fabrikam.com. All of the DNS servers in both of the domains run Windows Server 2012 R2. The network contains two servers named Server1 and Server2. Server1 hosts an Active Directory-integrated zone for contoso.com. Server2 hosts an Active Directory-integrated zone for fabrikam.com. Server1 and Server2 connect to each other by using a WAN link. Client computers that connect to Server1 for name resolution cannot resolve names in fabrikam.com. You need to configure Server1 to support the resolution of names in fabrikam.com. The solution must ensure that users in contoso.com can resolve names in fabrikam.com if the WAN link fails. What should you do on Server1?

A.    Create a stub zone.
B.    Create a secondary zone.
C.    Add a forwarder.
D.    Create a conditional forwarder.

Answer: B

QUESTION 218
Your network contains an Active Directory domain named contoso.com. The domain contains a Web server named www.contoso.com. The Web server is available on the Internet.
You implement DirectAccess by using the default configuration.
You need to ensure that users never attempt to connect to www.contoso.com by using DirectAccess. The solution must not prevent the users from using DirectAccess to access other resources in contoso.com.
Which settings should you configure in a Group Policy object (GPO)?

A.    Network Connections
B.    DirectAccess Client Experience Settings
C.    DNS Client
D.    Name Resolution Policy

Answer: D

QUESTION 219
Your network contains an Active Directory domain named contoso.com. The domain contains more than 100 Group Policy objects (GPOs). Currently, there are no enforced GPOs. The domain contains a top-level organizational unit (OU) for each department.
A group named Group1 contains members from each department.
You have a GPO named GPO1 that is linked to the domain.
You need to configure GPO1 to Apply settings to Group1 only.
What should you use?

A.    Dcgpofix
B.    Get-GPOReport
C.    Gpfixup
D.    Gpresult
E.    Gptedit.msc
F.    Import-GPO
G.    Restore-GPO
H.    Set-GPInheritance
I.    Set-GPLink
J.    Set-GPPermission
K.    Gpupdate
L.    Add-ADGroupMember

Answer: J

QUESTION 220
Your network contains an Active Directory domain named contoso.com. The domain contains more than 100 Group Policy objects (GPOs). Currently, there are no enforced GPOs.
You need to prevent all of the GPOs at the site level and at the domain level from being Applied to users and computers in an organizational unit (OU) named OU1.
You want to achieve this goal by using the minimum amount of administrative effort.
What should you use?

A.    Dcgpofix
B.    Get-GPOReport
C.    Gpfixup
D.    Gpresult
E.    Gptedit.msc
F.    Import-GPO
G.    Restore-GPO
H.    Set-GPInheritance
I.    Set-GPLink
J.    Set-GPPermission
K.    Gpupdate
L.    Add-ADGroupMember

Answer: H

Microsoft 70-417 learning programs are the most accepted certification in the present era and its entire module is extremely valued by many IT organizations and for 70-417 simulations experts there is a very huge chance of getting a job in Microsoft IT fields. Many candidates attempt for 70-417 answers guides whereas most of them face the problem of unavailability of quality in training matters. Luckily for all the Microsoft 70-417 experts, Lead2pass is now here to help you with your IT certification problems, as we are the best 70-417 actual tests exam questions training material providing vendor.

www.lead2pass.com/70-417.html