READ Free Dumps For Microsoft- 70-411
| Question ID 14095 | Your network contains a DNS server named Server1 that runs Windows Server 2012 R2.
|
| Option A | Answer :
The Default TTL, is just that a default for newly created records. Once the records are created their TTL is independent of the Default TTL on the SOA. Microsoft DNS implementation copies the Default TTL setting to all newly created records their by giving them all independent TTL settings. SOA Minimum Field: The SOA minimum field has been overloaded in the past to have three different meanings, the minimum TTL value of all RRs in a zone, the default TTL of RRs which did not contain a TTL value and the TTL of negative responses. Despite being the original defined meaning, the first of these, the minimum TTL value of all RRs in a zone, has never in practice been used and is hereby deprecated. The second, the default TTL of RRs which contain no explicit TTL in the master zone file, is relevant only at the primary server. After a zone transfer all RRs have explicit TTLs and it is impossible to determine whether the TTL for a record was explicitly set or derived from the default after a zone transfer. Where a server does not require RRs to include the TTL value explicitly, it should provide a mechanism, not being the value of the MINIMUM field of the SOA record, from which the missing TTL values are obtained. How this is done is implementation dependent. TTLs also occur in the Domain Name System (DNS), where they are set by an authoritative name server for a particular resource record. When a caching (recursive) nameserver queries the authoritative nameserver for a resource record, it will cache that record for the time (in seconds) specified by the TTL. If a stub resolver queries the caching nameserver for the same record before the TTL has expired, the caching server will simply reply with the already cached resource record rather than retrieve it from the authoritative nameserver again. Shorter TTLs can cause heavier loads on an authoritative nameserver, but can be useful when changing the address of cri |
| Correct Answer | A |
| Question ID 14096 | You have the following Windows PowerShell Output.
You need to create a Managed Service Account. |
| Option A | Run New-ADServiceAccount –Name “service01” –DNSHostName service01.contoso.com –SAMAccountName service01. |
| Option B | Run New-AuthenticationPolicySilo, and then run New-ADServiceAccount –Name “service01” –DNSHostName service01.contoso.com. |
| Option C | Run Add-KDSRootKey, and then run New-ADServiceAccount –Name “service01” –DNSHostName service01.contoso.com. |
| Option D | Run Set-KDSConfiguration, and then run New-ADServiceAccount –Name “service01” –DNSHostName service01.contoso.com. |
| Option F | Answer : C Explanation: From the exhibit we see that the required key does not exist. First we create this key, then we create the managed service account. The Add-KdsRootKey cmdlet generates a new root key for the Microsoft Group Key Distribution Service (KdsSvc) within Active Directory (AD). The Microsoft Group KdsSvc generates new group keys from the new root key. The New-ADServiceAccount cmdlet creates a new Active Directory managed service account. Reference: New-ADServiceAccount https://technet.microsoft.com/en-us/library/hh852236(v=wps.630).aspx Reference: Add-KdsRootKey ttps://technet.microsoft.com/en-us/library/jj852117(v=wps.630).aspx |
| Correct Answer | C |
