DRAG DROP -
You have two servers named Server1 and Server2 that run Windows Server 2016. The servers are in a workgroup.
You need to create a security template that contains the security settings of Server1 and to apply the template to Server2. The solution must minimize administrative effort.
Which snap-in should you use for each server? To answer, drag the appropriate snap-ins to the correct servers. Each snap-in may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:
Answer :
References:
https://www.windows-server-2012-r2.com/security-templates.html
You are creating a Nano Server image for the deployment of 10 servers.
You need to configure the servers as guarded hosts that use Trusted Platform Module (TPM) attestation.
Which three packages should you include in the Nano Server image? Each correct answer presents part of the solution.
Answer : BCD
References:
https://docs.microsoft.com/en-us/system-center/vmm/guarded-deploy-host?toc=/windows-server/virtualization/ https://docs.microsoft.com/en-us/windows-server/get-started/deploy-nano-server
Your network contains an Active Directory domain named contoso.com. The domain contains several shielded virtual machines.
You deploy a new server named Server1 that runs Windows Server 2016.
You install the Hyper-V server role on Server1.
You need to ensure that you can host shielded virtual machines on Server1.
What should you install on Server1?
Answer : A
References:
https://docs.microsoft.com/en-us/windows-server/security/guarded-fabric-shielded-vm/guarded-fabric-guarded-host-prerequisites
Your network contains an Active Directory domain named contoso.com.
You deploy a server named Server1 that runs Windows Server 2016. Server1 is in a workgroup.
You need to collect the logs from Server1 by using Log Analytics in Microsoft Operations Management Suite (OMS).
What should you do first?
Answer : C
References:
https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-windows-agents
HOTSPOT -
Your network contains an Active Directory domain named contoso.com.
You are deploying Microsoft Advanced Threat Analytics (ATA) to the domain. You install the ATA Gateway on a server named Server1.
To assist in detecting Pass-the-Hash attacks, you plan to configure ATA Gateway to collect events.
You need to configure the query filter for event subscriptions on Server1.
How should you configure the query filter? To answer, select the appropriate options in the answer are.
Hot Area:
Answer :
References:
https://docs.microsoft.com/en-us/advanced-threat-analytics/configure-event-collection
Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.
Start of repeated scenario.
Your company has a marketing department.
The network contains an Active Directory domain named contoso.com. The domain contains the servers configured as shown in the following table.
Answer : C
References:
https://docs.microsoft.com/en-us/powershell/scripting/wmf/whats-new/script-logging?view=powershell-7
Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.
Start of repeated scenario.
Your company has a marketing department.
The network contains an Active Directory domain named contoso.com. The domain contains the servers configured as shown in the following table.
Answer : D
References:
https://docs.microsoft.com/en-us/powershell/scripting/learn/remoting/jea/role-capabilities?view=powershell-7
Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.
Start of repeated scenario.
Your company has a marketing department.
The network contains an Active Directory domain named contoso.com. The domain contains the servers configured as shown in the following table.
Answer : C
References:
https://docs.microsoft.com/en-us/windows/device-security/bitlocker/bitlocker-how-to-enable-network-unlock
Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.
Start of repeated scenario.
Your company has a marketing department.
The network contains an Active Directory domain named contoso.com. The domain contains the servers configured as shown in the following table.
Answer : B
References:
https://docs.microsoft.com/en-us/windows/device-security/applocker/configure-the-application-identity-service
Your network contains an Active Directory domain named contoso.com. The domain contains a certification authority (CA).
You need to implement code integrity policies and sign them by using certificates issued by the CA.
You plan to use the same certificate to sign policies on multiple computers.
You duplicate the Code Signing certificate template and name the new template CodeIntegrity.
How should you configure the CodeIntegrity template?
Answer : D
References:
https://blogs.technet.microsoft.com/ukplatforms/2017/05/04/create-code-integrity-signing-certificate/
DRAG DROP -
Your network contains an Active Directory domain named contoso.com. The domain contains a user named User1 and a computer named Computer1. Remote
Server Administration Tools (RSAT) is installed on Computer1.
You need to add User1 as a data recovery agent in the domain.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:
Answer :
Explanation:
References:
https://msdn.microsoft.com/library/cc875821.aspx#EJAA
https://www.serverbrain.org/managing-security-2003/using-the-cipher-command-to-add-data-recovery-agent.html
Your network contains an Active Directory domain named contoso.com. The domain contains 100 servers.
You deploy the Local Administrator Password Solution (LAPS) to the network.
You discover that the members of a group named FinanceAdministartors can view the password of the local Administrator accounts on the servers in an organizational unit (OU) named FinanceServers.
You need to prevent the FinanceAdministartors members from viewing the local administrators "˜passwords on the servers in FinanceServers. Which permission should you remove from FinanceAdministartors?
Answer : A
References:
https://4sysops.com/archives/set-up-microsoft-laps-local-administrator-password-solution-in-active-directory/
Your network contains an Active Directory Domain named contoso.com. The domain contains 10 servers that run Windows Server 2016 and 800 client computers that run Windows 10.
You need to configure the domain to meet the following requirements:
-> Users must be locked out from their computer if they enter an incorrect password twice.
-> Users must only be able to unlock a locked account by using a one-time password that is sent to their mobile phone.
You deploy all the components of Microsoft Identity Manager (MIM) 2016.
Which three actions should you perform before you deploy the MIM add-ins and extensions? Each correct answer presents part of the solution.
Answer : AEF
References:
https://docs.microsoft.com/en-us/microsoft-identity-manager/working-with-self-service-password-reset
You have a file server named FS1 that runs Windows Server 2016.
You plan to disable SMB 1.0 on the server.
You need to verify which computers access FS1 by using SMB 1.0.
What should you run first?
Answer : D
Your network contains an Active Directory domain named contoso.com.
The domain contains four global groups named Group1, Group2, Group3, and Group4. A user named User1 is a member of Group3.
You have an organizational unit (OU) named OU1 that contains computer accounts. A Group Policy object (GPO) named GPO1 is linked to OU1. OU1 contains a computer account named Computer1.
GPO1 has the User Rights Assignment configured as shown in the following table.
Answer : B