MCSE · Microsoft

Money Back Guarantee Microsoft 70-412 Dumps For Each Candidate

To match the existing, the particular technological group through qualifications no cost personal check application can bring up to date the research resources for any adjustments on time, plus we are generally taking the particular feedback regarding Microsoft 70-412 exam sample questions through each of our consumers. Microsoft 70-412 dumps contains 90 questions and answers, which will be your passport of the real Microsoft 70-412 exam. Buy your Microsoft 70-412 exam sample questions along with Microsoft 70-412 real questions and answers.

70-412 dumps

QUESTION 21
Your network contains an Active Directory domain named contoso.com. The domain contains a server
named Server1 that runs Windows Server 2012 R2 and has the DHCP Server server role installed.

You need to create an IPv6 scope on Server1. The scope must use an address space that is re- served for
private networks. The addresses must be routable.
Which IPV6 scope prefix should you use?

A. 2001:123:4567:890A::
B. FE80:123:4567::
C. FF00:123:4567:890A::
D. FD00:123:4567::
Correct Answer: D Explanation

Explanation/Reference:
Explanation:
*
A unique local address (ULA) is an IPv6 address in the block fc00::/7, defined in RFC 4193. It is the
approximate IPv6 counterpart of the IPv4 private address. The address block fc00::/7 is divided into two /8
groups:
/ The block fc00::/8 has not been defined yet.
/ The block fd00::/8 is defined for /48 prefixes, formed by setting the 40 least-significant bits of the prefix to
a randomly generated bit string.
*
Prefixes in the fd00::/8 range have similar properties as those of the IPv4 private address ranges:

/ They are not allocated by an address registry and may be used in networks by anyone without outside
involvement.
/ They are not guaranteed to be globally unique.
/ Reverse Domain Name System (DNS) entries (under ip6.arpa) for fd00::/8 ULAs cannot be delegated in
the global DNS.

Reference: RFC 4193

QUESTION 22
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012 R2. DC1 has the DNS Server server role installed.
The network contains client computers that run either Linux, Windows 7, or Windows 8. You have a standard primary zone named adatum.com as shown in the exhibit. (Click the Exhibit button.)

You plan to configure Name Protection on all of the DHCP servers.
You need to configure the adatum.com zone to support Name Protection.
Which two configurations should you perform from DNS Manager? (Each correct answer presents part of the solution. Choose two.)
A. Sign the zone.
B. Store the zone in Active Directory.
C. Modify the Security settings of the zone.
D. Configure Dynamic updates.
E. Add a DNS key record
Correct Answer: BD Explanation

Explanation/Reference:
Explanation:
Name protection requires secure update to work. Without name protection DNS names may be hijacked.
You can use the following procedures to allow only secure dynamic updates for a zone. Secure dynamic
update is supported only for Active Directoryintegrated zones. If the zone type is con- figured differently,

you must change the zone type and directory-integrate the zone before secur- ing it for Domain Name System (DNS) dynamic updates.
1.
(B) Convert primary DNS server to Active Directory integrated primary

2.
(D) Enable secure dynamic updates

Reference: DHCP: Secure DNS updates should be configured if Name Protection is enabled on any IPv4 scope

QUESTION 23
Your network contains two DNS servers named DN51 and DNS2 that run Windows Server 2012 R2.
DNS1 has a primary zone named contoso.com. DNS2 has a secondary copy of the contoso.com zone.
You need to log the zone transfer packets sent between DNS1 and DNS2.
What should you configure?

A. Monitoring from DNS Manager
B. Logging from Windows Firewall with Advanced Security
C. A Data Collector Set (DCS) from Performance Monitor
D. Debug logging from DNS Manager Correct Answer: D

Explanation Explanation/Reference:  642-661 pdf
Explanation: Debug logging allows you to log the packets sent and received by a DNS server. Debug logging is disabled by default, and because it is resource intensive, you should only activate it temporar- ily when you need more specific detailed information about server performance.
Reference: Active Directory 2008: DNS Debug Logging Facts…
QUESTION 24
Your network contains an Active Directory forest named contoso.com.
Users frequently access the website of an external partner company. The URL of the website is
The partner company informs you that it will perform maintenance on its Web server and that the IP addresses of the Web server will change.
After the change is complete, the users on your internal network report that they fail to access the website. However, some users who work from home report that they can access the website.
You need to ensure that your DNS servers can resolve partners.adatum.com to the correct IP ad- dress immediately.
What should you do?
A. Run dnscmd and specify the CacheLockingPercent parameter.
B. Run Set-DnsServerGlobalQueryBlockList.
C. Run ipconfig and specify the Renew parameter.
D. Run Set-DnsServerCache.
Correct Answer: D Explanation

Explanation/Reference:
Explanation:
The Set-DnsServerCache cmdlet modifies cache settings for a Domain Name System (DNS) server.

Run Set-DnsServerCache with the -LockingPercent switch.

/ -LockingPercent<UInt32>
Specifies a percentage of the original Time to Live (TTL) value that caching can consume. Cache locking is
configured as a percent value. For example, if the cache locking value is set to 50, the DNS server does
not overwrite a cached entry for half of the duration of the TTL. By de- fault, the cache locking percent
value is 100. This value means that the DNS server will not over- write cached entries for the entire
duration of the TTL.

Note: A better way would be clear the DNS cache on the DNS server with either Dnscmd /ClearCache
(from command prompt) or Clear-DnsServerCache (from Windows PowerShell).

Reference: Set-DnsServerCache
Incorrect:
Not A: You need to use the /config parameter as well:
You can change this value if you like by using the dnscmd command:

dnscmd /Config /CacheLockingPercent<percent>

QUESTION 25
You have a server named Server1.
You install the IP Address Management (IPAM) Server feature on Server1.
You need to provide a user named User1 with the ability to set the access scope of all the DHCP servers that are managed by IPAM. The solution must use the principle of least privilege.
Which user role should you assign to User1?
A. DNS Record Administrator Role
B. IPAM DHCP Reservations Administrator Role
C. IPAM Administrator Role
D. IPAM DHCP Administrator Role Correct Answer: D

Explanation Explanation/Reference:
Explanation:
The IPAM DHCP administrator role completely manages DHCP servers.
Reference: What’s New in IPAM
QUESTION 26
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 and a member server named Server1. Server1 has the IP Address Management (IPAM) Server feature installed.
On Dc1, you configure Windows Firewall to allow all of the necessary inbound ports for IPAM.
On Server1, you open Server Manager as shown in the exhibit. (Click the Exhibit button.)

You need to ensure that you can use IPAM on Server1 to manage DNS on DC1. What should you do?
A. Modify the outbound firewall rules on Server1.
B. Modify the inbound firewall rules on Server1.
C. Add Server1 to the Remote Management Users group.
D. Add Server1 to the Event Log Readers group. Correct Answer: D

Explanation Explanation/Reference:
To access configuration data and server event logs, the IPAM server must be a member of the domain IPAM Users Group (IPAMUG). The IPAM server must also be a member of the Event Log Readers security group.
Note: The computer account of the IPAM server must be a member of the Event Log Readers se- curity group.
Ref: Manually Configure DC and NPS Access Settings

70-412 dumps

Microsoft 70-412 pdf help you test yourself in a real time environment of Microsoft 70-412 Customization and Configuration certification exam. Microsoft 70-412 from http://www.kill4exam.com/70-412.html is accepted universally. We are the online Certification Expert recognized by a worldwide audience of IT professionals and executives alike as the definitive source of training materials for the candidate seeking insight, updates and resources for vendor certifications. Special Microsoft 70-412 vce training materials is designed according to the updated curriculum given by Microsoft.

Article Link: http://www.itcertlab.com/2016-download-ccna-100-101-pdf-files.html

Read More: http://www.javacexam.com/real-microsoft-70-412-vce-files.html

Official Site: https://www.microsoft.com/en-us/learning/exam-70-412.aspx