Q1. All client computers on a company's network run Windows 7 and are members of an Active Directory Domain Services (AD DS) domain. Company policy requires that all unnecessary services be disabled on the computers.
The Sales department staff has been provided with new wireless adapters that use the IEEE 802.11n technology.
You need to ensure that portable computers can connect to wireless networks.
Which service should be running on the portable computers?
A. Client Configurations All client computers run Windows 7 Enterprise. All users have desktop computers. All computers are members of the domain. All desktop computers use wired connections to connect to the network. All portable computers use wireless connections to connect to the network. The wireless network is secured by using EAP-TLS. Company policy states that all client computers must be configured by using DHCP. The company has an internal Web site. The Web site is configured to use SSL encryption and to require client certificates. All company users can access the internal Web site. Your users access a third-party Web site to fulfill purchase orders. The Web site is updated. Users receive the following error message when they access the updated Web site: "Internet Explorer has blocked this site from using an ActiveX control in an unsafe manner. As a result, this page may not display correctly." You need to ensure that users can access the Web site and that the Web site content is displayed correctly. What should you do? A. Modify the Internet Explorer AJAX settings. B. Modify the Internet Explorer Internet zone settings. C. Add the Web site to the Internet Explorer Restricted Sites zone. D. Add the Web site to the Internet Explorer Compatibility View List. Answer: B
Q3. Your company has a branch office. The office has two 48-port network switches named Switch1 and Switch2.
The company purchases several new computers that have identical hardware. The new computers run Windows 7.The help desk reports that the new computers that connect to Switch1 are unable to connect to network resources and do not receive IP configurations from the DHCP server.
Existing computers that connect to Switch1 can access network resources. The new computers that connect to Switch2 can also access network resources.
You need to ensure that all computers can connect to network resources.
What should you do?
A. Re-install the network card driver.
B. Disable IPv6 on the network interface.
C. Disable and then enable the network interface.
D. Disable the AutoNegotiation setting on the network interface.
Answer: D
Q4. The help desk reports that users receive a security warning message when they try to access the internal Web site shown in the exhibit:
The help desk confirms that users never received this security warning message before.
You need to provide a solution to prevent users from receiving the security warning when they try to access the internal Web site.
What should you do?
Exhibit:
A. Instruct the users to download the certificate of the Web server.
B. Instruct the users to download a new certificate revocation list (CRL).
C. Request that a domain administrator renew the Web server SSL certificate.
D. Request that a domain administrator renew the user authentication certificates for all users.
Answer: C
Q5. The help desk technicians discover that some computers have not installed the latest updates for Windows. The Windows Update log files on the computers show that to complete the installation of several updates the computers must be restarted.
You need to ensure that future updates are successfully installed on all computers.
What should you request?
A. the logon hours for all user accounts be set from 06:00 to 22:00
B. the Delay Restart for scheduled installations setting in the WSUS Policy GPO be set to disabled
C. the Allow Automatic Updates immediate installation setting in the WSUS Policy GPO be set to enabled
D. the No auto-restart with logged on users for scheduled automatic updates installations setting in the WSUS Policy GPO be set to disabled
Answer: D
Q6. This is the first in a series of questions that all present the same scenario. For your convenience, the scenario is repeated in each question. Each presents a different goal and answer choices, but the text of the scenario is exactly the same in each in this series.
Topic 8, Fourth Coffee
Scenario:
You are an enterprise desktop support technician for Fourth Coffee.
The network contains a single domain named fourthcoffee.com.
Physical Environment
The Web1 server is accessible only through the URL http://web1.fourthcoffee.local.
Application Configurations
Fourth Coffee deploys an application named App1 to users in the main office by using a Group Policy Object (GPO) named APP1Deploy.
App1 requires that a drive named M be mapped to \\AppServer1\AppData$.
App1 saves information on a local computer if drive M is unavailable.
All client computers have drive M.
Security Policy
The corporate security policy states that domain controllers can only be deployed in secure data centers. Branch office 2 does not have a secure data center.
Client Configuration
All users connect remotely through VPN1. VPN1 is configured to accept only SSTP-based VPN connections.
All client computers receive IP configurations from DHCP.
You recently purchased 100 desktop computers from a new hardware vendor.
The application support team reports that the App1 data of some users is not saved to AppServer1.
The team reports that the users deleted the mapped drive.
You need to prevent the users from deleting the mapped drive.
Which settings should you request be modified in the APP1Deploy GPO?
The application support team reports that the App1 data of some users is not saved to AppServer1. The team reports that the users deleted the mapped drive.
You need to prevent the users from deleting the mapped drive.
Which settings should you request be modified in the APP1Deploy GPO?
A. Administrative Templates
B. AppLocker
C. Group Policy Preferences
D. Software Restriction Policies
Answer: C
Q7. You have an Active Directory domain. All client computers run Windows 7 and are joined to the domain.
The help desk reports that several users recently downloaded and installed malware.
You discover that the users modified the Windows Defender settings on their computers.
You need to recommend a solution to prevent users from modifying their Windows Defender settings.
What should you recommend?
A. Modify the User Account Control (UAC) settings.
B. Modify the membership of the local Administrators group.
C. From Program and Features, modify the Windows Features.
D. From a Group Policy object (GPO), modify the Windows Defender settings.
Answer: D
Q8. Remote users report that after they renew their smart card certificates, they are unable to log on to their computers by using their smart cards.
You need to ensure that users can log on by using their smart cards.
What should you instruct the users to do?
A. Change their smart card PINs.
B. Request a new smart card certificate.
C. Log on by using their user names and passwords, and then lock and unlock their computers.
D. Establish a VPN connection from the logon screen and use their smart cards for authentication.
Answer: D
Q9. The help desk reports that they receive many calls from remote users who cannot access Internet Web sites while they are connected to the VPN. The help desk instructs the users to manually configure the VPN connection so that the users can access Internet Web sites while connected to the VPN.
You need to provide a recommendation to reduce the number of calls to the help desk regarding this issue.
What should you recommend?
A. Deploy a Network Policy Server (NPS).
B. Replace the SSTP-based VPN with a PPTP-based VPN.
C. Issue computer certificates from a trusted root certification authority (CA) to all remote users.
D. Create and distribute Connection Manager Administration Kit (CMAK) profiles to all remote users.
Answer: D
Q10. Members of the Sales Support team must contact the help desk to have their AD DS user accounts unlocked.
You need to recommend a solution to ensure that user accounts for members of the Sales Support team are automatically unlocked 10 minutes after becoming locked.
What should you recommend?
A. Create a new Group Policy object with a different account lockout policy and link it to the domain.
B. Modify the Unlock Account options for the members of the Sales security group.
C. Create a fine-grained password policy with a different account lockout policy and apply it to the Sales security group.
D. Modify the Account Properties Options properties for the members of the Sales security group.
Answer: C