Best Lead2pass Microsoft 70-417 PDF Dumps With New Update Exam Questions (311-320)

Lead2pass 70-417 exam material details are researched and created by the Most Professional Certified Authors who are regularly using current exams experience to create precise and logical dumps. You can get questions and answers from many other websites or books, but logic is the main key of success. And Lead2pass will give you this key of success.

QUESTION 311
Hotspot Question
You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the Remote Access server role installed.

You need to configure the ports on Server1 to ensure that client computers can establish VPN connections to Server1 by using TCP port 443.
What should you modify? To answer, select the appropriate object in the answer area.

image_thumb

Answer:

image_thumb[1]

QUESTION 312
Your network contains an Active Directory domain named contoso.com. The domain contains three servers. The servers are configured as shown in the following table.

image_thumb[2]

You need to ensure that end-to-end encryption is used between clients and Server2 when the clients connect to the network by using DirectAccess.
Which two actions should you perform? (Each correct answer presents part of the solution.
Choose two.)

A.    From the Remote Access Management Console, reload the configuration.
B.    Add Server2 to a security group in Active Directory.
C.    Restart the IPSec Policy Agent service on Server2.
D.    From the Remote Access Management Console, modify the Infrastructure Servers settings.
E.    From the Remote Access Management Console, modify the Application Servers settings.

Answer: BE

QUESTION 313
You have a DNS server named DNS1 that runs Windows Server 2012 R2.
On DNS1, you create a standard primary DNS zone named adatum.com.
You need to change the frequency that secondary name servers will replicate the zone from DNS1.
Which type of DNS record should you modify?

A.    Name server (NS)
B.    Start of authority (SOA)
C.    Host information (HINFO)
D.    Service location (SRV)

Answer: B

QUESTION 314
Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server 1. Server1 has the IP Address Management (IPAM) Server feature installed.
A technician performs maintenance on Server1.
After the maintenance is complete, you discover that you cannot connect to the IPAM server on Server1.
You open the Services console as shown in the exhibit. (Click the Exhibit button.)
 image_thumb[3]

You need to ensure that you can connect to the IPAM server.
Which service should you start?

A.    Windows Process Activation Service
B.    Windows Event Collector
C.    Windows Internal Database
D.    Windows Store Service (WSService)

Answer: C

QUESTION 315
You have a server named Server1 that runs Windows Server 2012 R2.
Server1 is located in the perimeter network and has the DNS Server server role installed.
Server1 has a zone named contoso.com.
You apply a security template to Server1.
After you apply the template, users report that they can no longer resolve names from contoso.com.
On Server1, you open DNS Manager as shown in the DNS exhibit. (Click the Exhibit button.)

image_thumb[4]

On Server1, you open Windows Firewall with Advanced Security as shown in the Firewall exhibit. (Click the Exhibit button.)

image_thumb[5]

You need to ensure that users can resolve contoso.com names.
What should you do?

A.    From Windows Firewall with Advanced Security, disable the DNS (TCP, Incoming) rule and the DNS (UDP, Incoming) rule.
B.    From DNS Manager, modify the Zone Transfers settings of the contoso.com zone.
C.    From DNS Manager, unsign the contoso.com zone.
D.    From DNS Manager, modify the Start of Authority (SOA) of the contoso.com zone.
E.    From Windows Firewall with Advanced Security, modify the profiles of the DNS (TCP, Incoming) rule and the DNS (UDP, Incoming) rule.

Answer: E

QUESTION 316
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012 R2. DC1 has the DNS Server server role installed.
The network contains client computers that run either Linux, Windows 7, or Windows 8.
You have a zone named adatum.com as shown in the exhibit. (Click the Exhibit button.)

image_thumb[6]

You plan to configure Name Protection on all of the DHCP servers.
You need to configure the adatum.com zone to support Name Protection.
What should you do?

A.    Change the zone type.
B.    Sign the zone.
C.    Add a DNSKEY record.
D.    Configure Dynamic updates.

Answer: D

QUESTION 317
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the Active Directory Rights Management Services server role installed.
Your company works with a partner organization that does not have its own Active Directory Rights Management Services (AD RMS) implementation.
You need to create a trust policy for the partner organization.
The solution must meet the following requirements:
– Grant users in the partner organization access to protected content
– Provide users in the partner organization with the ability to create protected content.
Which type of trust policy should you create?

A.    A federated trust
B.    Windows Live ID
C.    A trusted publishing domain
D.    A trusted user domain

Answer: A

QUESTION 318
Hotspot Question
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the Active Directory Certificate Services server role installed and configured.
For all users, you are deploying smart cards for logon.
You are using an enrollment agent to enroll the smart card certificates for the users.
You need to configure the Contoso Smartcard Logon certificate template to support the use of the enrollment agent.
Which setting should you modify? To answer, select the appropriate setting in the answer area.

image_thumb[7]

Answer:

image_thumb[8]

QUESTION 319
Hotspot Question
Your company has a primary data center and a disaster recovery data center.
The network contains an Active Directory domain named contoso.com. The domain contains a server named that runs Windows Server 2012 R2. Server1 is located in the primary data center.
Server1 has an enterprise root certification authority (CA) for contoso.com.
You deploy another server named Server2 to the disaster recovery data center.
You plan to configure Server2 as a secondary certificate revocation list (CRL) distribution point.
You need to configure Server2 as a CRL distribution point (CDP).
Which tab should you use to configure the required CDP entry? To answer, select the appropriate tab in the answer area.

image_thumb[9]

Answer:

image_thumb[10]

QUESTION 320
Hotspot Question
Your network contains an Active Directory domain named contoso.com.
The relevant servers in the domain are configured as shown in the following table.

image_thumb[11]

You plan to create a shared folder on Server1 named Share1. Share1 must only be accessed by users who are using computers that are joined to the domain.
You need to identify which servers must be upgraded to support the requirements of Share1.
In the table below, identify which computers require an upgrade and which computers do not require an upgrade. Make only one selection in each row. Each correct selection is worth one point.

image_thumb[12]

Answer:

 image_thumb[13]

If you want to pass Microsoft 70-417 exam successfully, do not missing to read latest Lead2pass Microsoft 70-417 dumps. Thanks for you reading. Wish you pass 70-417 exam successfully.

www.lead2pass.com/70-417.html