READ Free Dumps For Microsoft- 70-410
| Question ID 9263 | You work as an administrator at Contoso.com. The Contoso.com network consists of a single domain named Contoso.com. All servers in the Contoso.com domain,
including domain controllers, have Windows Server 2012 R2 installed.
You have created and linked a new Group Policy object (GPO) to an organizational unit (OU), named ENSUREPASSServ, which host the computer accounts for
servers in the Contoso.com domain.
You have been tasked with adding a group to a local group on all servers in the Contoso.com domain. This group should not, however, be removed from the local
group.
Which of the following actions should you take?
|
| Option A | You should consider adding a restricted group.
|
| Option B | You should consider adding a global group.
|
| Option C | You should consider adding a user group.
|
| Option D | You should consider adding a server group.
|
| Correct Answer | A |
Explanation Explanation/Reference: Restricted groups in Group policies are a simple way of delegating permissions or group membership centrally to any domain computer or server. Using restricted groups it is easier to enforce the lowest possible permissions to any given account. Computer Configuration\Windows Settings\Security Settings\Restricted Groups Restricted groups allow an administrator to define two properties for security-sensitive groups (that is, "restricted" groups). The two properties are Members and Member Of . The Members list defines who should and should not belong to the restricted group. The Member Of list specifies which other groups the restricted group should belong to. When a restricted Group Policy is enforced, any current member of a restricted group that is not on the Members list is removed.
| Question ID 9264 | You work as an administrator at Contoso.com. The Contoso.com network consists of a single domain named Contoso.com. All servers in the Contoso.com domain,
including domain controllers, have Windows Server 2012 R2 installed.
You have configured a server, named ENSUREPASS-SR07, as a VPN server. You are required to configure new firewall rules for workstation connections.
You want to achieve this using the least amount of administrative effort.
Which of the following actions should you take?
|
| Option A | You should consider making use of the Enable-NetFirewallRule cmdlet.
|
| Option B | You should consider making use of the New-NetFirewallRule cmdlet.
|
| Option C | You should consider making use of dism.exe from the command prompt.
|
| Option D | You should consider making use of dsadd.exe from the command prompt.
|
| Correct Answer | B |
Explanation Explanation/Reference: New-NetFirewallRule Creates a new inbound or outbound firewall rule and adds the rule to the target computer. You can't Enable what doesn't exist yet, you must use New-NetFirewallRule