Download Securing Windows Server 2016.70-744.CertKey.2019-05-20.77q.vcex

Vendor: Microsoft
Exam Code: 70-744
Exam Name: Securing Windows Server 2016
Date: May 20, 2019
File Size: 880 KB

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Purchase
Coupon: EXAM_HUB

Discount: 20%

Demo Questions

Question 1
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this sections, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. 
Your network contains an Active Directory forest named contoso.com. All servers run Windows Server 2016. The forest contains 2,000 client computers that run Windows 10. All client computers are deployed from a customized Windows image. 
You need to deploy 10 Privileged Access Workstations (PAWs). The solution must ensure that administrators can access several client applications used by all users. 
Solution: You deploy one physical computer and configure it as Hyper-V host that runs Windows Server 2016. You create 10 virtual machines and configure each one as a PAW.
Does this meet the goal?
  1. Yes
  2. No
Correct answer: B
Explanation:
References:https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/privileged-access-workstations
References:
https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/privileged-access-workstations
Question 2
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this sections, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. 
Your network contain an Active Directory domain named contoso.com. The domain contains a computer named Computer1 that runs Windows 10. Computer1 connects to a home network and a corporate network. 
The corporate network uses the 172.16.0.0/24 address space internally. 
Computer1 runs an application named App1 that listens to port 8080. 
You need to prevent connections to App1 when Computer1 is connected to the home network. 
Solution: From Group Policy Management, you create an AppLocker rule.
Does this meet the goal?
  1. Yes
  2. No
Correct answer: B
Explanation:
References:https://technet.microsoft.com/en-us/library/dd759068(v=ws.11).aspx
References:
https://technet.microsoft.com/en-us/library/dd759068(v=ws.11).aspx
Question 3
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this sections, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. 
Your network contain an Active Directory domain named contoso.com. The domain contains a computer named Computer1 that runs Windows 10. Computer1 connects to a home network and a corporate network. 
The corporate network uses the 172.16.0.0/24 address space internally. 
Computer1 runs an application named App1 that listens to port 8080. 
You need to prevent connections to App1 when Computer1 is connected to the home network. 
Solution: From Group Policy Management, you create software restriction policy.
Does this meet the goal?
  1. Yes
  2. No
Correct answer: B
Explanation:
References:https://technet.microsoft.com/en-us/library/hh831534(v=ws.11).aspx
References:
https://technet.microsoft.com/en-us/library/hh831534(v=ws.11).aspx
Question 4
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this sections, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. 
Your network contain an Active Directory domain named contoso.com. The domain contains a computer named Computer1 that runs Windows 10. Computer1 connects to a home network and a corporate network. 
The corporate network uses the 172.16.0.0/24 address space internally. 
Computer1 runs an application named App1 that listens to port 8080. 
You need to prevent connections to App1 when Computer1 is connected to the home network. 
Solution: From Windows Firewall in the Control Panel, you add an application and allow the application to communicate through the firewall on a Private network.
Does this meet the goal?
  1. Yes
  2. No
Correct answer: B
Explanation:
References:http://www.online-tech-tips.com/windows-10/adjust-windows-10-firewall-settings/
References:
http://www.online-tech-tips.com/windows-10/adjust-windows-10-firewall-settings/
Question 5
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this sections, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. 
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2016. All client computers run Windows 10. 
The relevant objects in the domain are configured as shown in the following table. 
  
You need to assign User1 the right to restore files and folders on Server1 and Server2. 
Solution: You create a Group Policy object (GPO), you link the GPO to the Servers OU, and then you modify the Users Rights Assignment in the GPO.
Does this meet the goal?
  1. Yes
  2. No
Correct answer: B
Explanation:
References:https://technet.microsoft.com/en-us/library/cc771990(v=ws.11).aspx
References:
https://technet.microsoft.com/en-us/library/cc771990(v=ws.11).aspx
Question 6
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this sections, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. 
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2016. All client computers run Windows 10. 
The relevant objects in the domain are configured as shown in the following table. 
  
You need to assign User1 the right to restore files and folders on Server1 and Server2. 
Solution: You add User1 to the Backup Operators group in contoso.com.
Does this meet the goal?
  1. Yes
  2. No
Correct answer: A
Explanation:
References:https://technet.microsoft.com/en-us/library/cc771990(v=ws.11).aspx
References:
https://technet.microsoft.com/en-us/library/cc771990(v=ws.11).aspx
Question 7
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this sections, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. 
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2016. All client computers run Windows 10. 
The relevant objects in the domain are configured as shown in the following table. 
  
You need to assign User1 the right to restore files and folders on Server1 and Server2. 
Solution: You create a Group Policy object (GPO), link it to the Operations Users OU, and modify the Users Rights Assignment in the GPO.
Does this meet the goal?
  1. Yes
  2. No
Correct answer: B
Explanation:
References:https://technet.microsoft.com/en-us/library/cc771990(v=ws.11).aspx
References:
https://technet.microsoft.com/en-us/library/cc771990(v=ws.11).aspx
Question 8
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this sections, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. 
Your network contains an Active Directory domain named contoso.com. The domain contains multiple Hyper-V hosts. 
You need to deploy several critical line-of-business applications to the network to meet the following requirements:
  • The resources of the applications must be isolated from the physical host. 
  • Each application must be prevented from accessing the resources of the other applications. 
  • The configurations of the applications must be accessible only from the operating system that hosts the application. 
Solution: You deploy a separate Windows container for each application.
Does this meet the goal?
  1. Yes
  2. No
Correct answer: A
Explanation:
References:https://docs.microsoft.com/en-us/virtualization/windowscontainers/about/
References:
https://docs.microsoft.com/en-us/virtualization/windowscontainers/about/
Question 9
Your network contains an Active Directory domain named contoso.com. The domain contains 1,000 client computers that run Windows 10. 
A security audit reveals that the network recently experienced a Pass-the-Hash attack. The attack was initiated from a client computer and accessed Active Directory objects restricted to the members of the Domain Admins group. 
You need to minimize the impact of another successful Pass-the-Hash attack on the domain. 
What should you recommend?
  1. Instruct all users to sign in to a client computer by using a Microsoft account.
  2. Move the computer accounts of all the client computers to a new organizational unit (OU). Remove the permissions to the new OU from the Domain Admins group.
  3. Instruct all administrators to use a local Administrators account when they sign in to a client computer.
  4. Move the computer accounts of the domain controllers to a new organizational unit (OU). Remove the permissions to the new OU from the Domain Admins group.
Correct answer: C
Explanation:
References:https://en.wikipedia.org/wiki/Pass_the_hash#Mitigations
References:
https://en.wikipedia.org/wiki/Pass_the_hash#Mitigations
Question 10
Your network contains an Active Directory forest named contoso.com. The forest functional level is Windows Server 2012. All servers run Windows Server 2016. 
You create a new bastion forest named admin.contoso.com. The forest functional level of admin.contoso.com is Windows Server 2012 R2. 
You need to implement a Privileged Access Management (PAM) solution. 
Which two actions should you perform? Each correct answer presents part of the solution.
  1. Raise the forest functional level of admin.contoso.com.
  2. Deploy Microsoft Identify Management (MIM) 2016 to admin.contoso.com.
  3. Configure contoso.com to trust admin.contoso.com.
  4. Deploy Microsoft Identity Management (MIM) 2016 to contoso.com.
  5. Raise the forest functional level of contoso.com.
  6. Configure admin.contoso.com to trust contoso.com.
Correct answer: BC
Explanation:
References:https://docs.microsoft.com/en-us/microsoft-identity-manager/pam/hardware-software-requirementshttps://docs.microsoft.com/en-us/microsoft-identity-manager/pam/planning-bastion-environment
References:
https://docs.microsoft.com/en-us/microsoft-identity-manager/pam/hardware-software-requirements
https://docs.microsoft.com/en-us/microsoft-identity-manager/pam/planning-bastion-environment
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!