Microsoft-Administering Windows Server 2012 Set 5

Your network contains an Active Directory domain named contoso.com. The domain contains 30 organizational units (OUs). You need to ensure that a user named Admin1 can link Group Policy objects (GPOs) in the domain. What should you do?

You have a Windows Server Updates (WSUS) server named Server01. You need to prevent the WSUS service on Server01 from being updated automatically. What should you do from the Update Services console?

Your network contains an Active Directory domain named adatum.com. The domain contains a domain controller named Server1 that runs Windows Server 2012 R2. You obtain an English Administrative Template for an application named App1. The Administrative Template includes two files named App1.admx and App1.adml. You need to be able to configure App1 by using a Group Policy on Server1. What should you copy?

Your network contains an Active Directory domain named adatum.com. The domain has a certification authority (CA) named CA1. All servers run Windows Server 2012 R2. All client computers run Windows 10. You need to add a data recovery agent for the Encryption File System (EFS) to the domain. What should you do?

Your network contains two servers named Server1 and Server2. Both servers run Windows Server 2012 R2. Server1 is a VPN server and Server2 is a Network Policy Server (NPS) server. Server1 is configured to assign IP addresses to VPN clients by using a static IP address pool of 192.168.10.200 to 192.168.10.220. On Server1, you configure Server2 as an authentication provider. You need to ensure that users can establish VPN connections to Server1. Which two should you configure on Server2? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

Your network contains a single Active Directory domain named contoso.com. The domain contains a member server named Server1 that runs Windows Server 2012 R2. Server1 has the Windows Server Updates Services server role installed and is configured to download updates from the Microsoft Update servers. You need to ensure that Server1 only downloads Critical Updates from the Microsoft Update servers. 885CB989129A5F974833949052CFB2F2 What should you do from the Update Services console?

Your network contains an Active Directory domain named contoso.com. The domain contains two domain controllers named DC1 and DC2. You discover that client computers authenticate to both domain controllers. You need to ensure that client computers only authenticate to DC2 if DC1 fails. The solution must be persistent. What should you do?

Your network contains an Active Directory domain named contoso.com. All domain controllers run either Windows Server 2008 Service Pack 2 (SP2) or Windows Server 2008 R2 Service Pack 1 (SP1). You deploy a new domain controller named DC1 that runs Windows Server 2012 R2. You log on to DC1 by using an account that is a member of the Domain Admins group. You discover that you cannot create Password Settings objects (PSOs) by using Active Directory Administrative center. You need to ensure that you can create PSOs from Active Directory Administrative center. What should you do?

Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. All servers run Windows Server 2012 R2. The domain contains two domain controllers named DC1 and DC2. Both domain controllers are virtual machines on a Hyper-V host. You plan to create a cloned domain controller named DC3 from an image of DC1. You need to ensure that you can clone DC1. Which two actions should you perform? Each correct answer presents part on the solution. NOTE: Each correct selection is worth one point.

You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the File Server Resource Manager role service installed. Each time a user receives an access-denied message after attempting to access a folder on Server1, an email notification is sent to a distribution list named DL1. You create a folder named Folder1 on Server1, and then you configure custom NTFS permissions for Folder1. You need to ensure that when a user receives an access-denied message while attempting to access Folder1, an email notification is sent to a distribution list named DL2. The solution must not prevent DL1 from receiving notifications about other access-denied messages. What should you do?