Windows 10 v1.0 (MD-100)

Page:    1 / 20   
Total 298 questions

You have a computer named Computer1 that runs Windows 10.
The relevant services on Computer1 are shown in the following table.


Which service will start after you restart Computer1?

  • A. Service3 and Service5 only
  • B. Service1, Service2, and Service5
  • C. Service2, Service5, and Service6
  • D. Service5 only


Answer : C

Explanation:
Service1 cannot start because it is dependent on Service3 which is disabled.
Service2 will start because it is set to Automatic. Service2 starting will cause Service6 to start.
Service3 will not start because it is disabled.
Service4 will not start because it is disabled.
Service5 will start because it is set to Automatic and is not dependent on any other services.
Service6 will start because Service2 is dependent on Service6.

Your company has an isolated network used for testing. The network contains 20 computers that run Windows 10. The computers are in a workgroup. During testing, the computers must remain in the workgroup.
You discover that none of the computers are activated.
You need to recommend a solution to activate the computers without connecting the network to the Internet.
What should you include in the recommendation?

  • A. Volume Activation Management Tool (VAMT)
  • B. Key Management Service (KMS)
  • C. Active Directory-based activation
  • D. the Get-WindowsDeveloperLicense cmdlet


Answer : B

Explanation:
You can configure one of the computers as a Key Management Service (KMS) host and activate the KMS host by phone. The other computers in the isolated network can then activate using the KMS host.
Installing a KMS host key on a computer running Windows 10 allows you to activate other computers running Windows 10 against this KMS host and earlier versions of the client operating system, such as Windows 8.1 or Windows 7. Clients locate the KMS server by using resource records in DNS, so some configuration of DNS may be required. This scenario can be beneficial if your organization uses volume activation for clients and MAK-based activation for a smaller number of servers. To enable KMS functionality, a KMS key is installed on a KMS host; then, the host is activated over the Internet or by phone using
Microsoftג€™s activation services.
References:
https://docs.microsoft.com/en-us/windows/deployment/volume-activation/activate-using-key-management-service-vamt

Case Study -
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study -
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the Question button to return to the question.

Overview -

General Overview -
Litware, Inc. is a consulting company that has a main office in Montreal and branch offices in Seattle and New York.

Environment -

Existing Environment -
The network contains an on-premises Active Directory domain named litware.com. The domain contains the computers shown in the following table.


The network that uses 192.168.10.0/24 connects to the internet by using a Network Address Translation (NAT) device.
Windows Admin Center is installed on Server1.
The domain contains the groups shown in the following table.

The domain contains the users shown in the following table.


Computer1 Configuration -
Computer1 contains the local user accounts shown in the following table.

Computer1 contains a folder named D:\Folder1 that has permission inheritance disabled.
Computer1 contains a file named D:\Folder1\Report.docx that has the permissions shown in the following table.

D:\Folder1\Report.docx has auditing configured as shown in the following table.

The Local Computer Policy for Computer1 is configured as shown in the following table.

Windows Defender Firewall for Computer1 has the rules shown in the following table.


Computer2 Configuration -
Computer2 contains the local user accounts shown in the following table.

Group1 and Group2 are members of the Remote Desktop Users group.
The Local Computer Policy for Computer2 is configured as shown in the following table.

Windows Defender Firewall for Computer2 has the rules shown in the following table.


Computer3 Configuration -
Computer3 contains the local user accounts shown in the following table.

Windows Defender Firewall for Computer3 has the rules shown in the following table.

Requirements and Planned Changes

Planned Changes -
Litware plans to make the following changes on Computer1:
Grant User1 Allow Full control permissions to D:\Folder1\Report.docx.
Grant User2 Allow Full control permissions to D:\Folder1\Report.docx.
Grant User3 Allow Full control permissions to D:\Folder1.


Technical Requirements -
Litware identifies the following technical requirements:
Configure custom Visual Effect performance settings for Computer1.
Manage Computer2 by using Windows Admin Center.
Minimize administrative effort.
Delivery Optimization on the computers that run Windows 10 must be configured to meet the following requirements:
Content must be downloaded only from an original source.
Downloading content from peer cache clients must be prevented.
Downloads must be optimized by using the Delivery Optimization cloud service.

On Computer1, you need to configure the custom Visual Effects performance settings.
Which user accounts can you use?

  • A. Admin1, User11, and User13 only
  • B. Admin1 only
  • C. Admin1, User11, User12, and User13
  • D. Admin1, User11, and User12 only
  • E. Admin1 and User 11 only


Answer : C

Case Study -
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study -
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the Question button to return to the question.

Overview -

General Overview -
Litware, Inc. is a consulting company that has a main office in Montreal and branch offices in Seattle and New York.

Environment -

Existing Environment -
The network contains an on-premises Active Directory domain named litware.com. The domain contains the computers shown in the following table.


The network that uses 192.168.10.0/24 connects to the internet by using a Network Address Translation (NAT) device.
Windows Admin Center is installed on Server1.
The domain contains the groups shown in the following table.

The domain contains the users shown in the following table.


Computer1 Configuration -
Computer1 contains the local user accounts shown in the following table.

Computer1 contains a folder named D:\Folder1 that has permission inheritance disabled.
Computer1 contains a file named D:\Folder1\Report.docx that has the permissions shown in the following table.

D:\Folder1\Report.docx has auditing configured as shown in the following table.

The Local Computer Policy for Computer1 is configured as shown in the following table.

Windows Defender Firewall for Computer1 has the rules shown in the following table.


Computer2 Configuration -
Computer2 contains the local user accounts shown in the following table.

Group1 and Group2 are members of the Remote Desktop Users group.
The Local Computer Policy for Computer2 is configured as shown in the following table.

Windows Defender Firewall for Computer2 has the rules shown in the following table.


Computer3 Configuration -
Computer3 contains the local user accounts shown in the following table.

Windows Defender Firewall for Computer3 has the rules shown in the following table.

Requirements and Planned Changes

Planned Changes -
Litware plans to make the following changes on Computer1:
Grant User1 Allow Full control permissions to D:\Folder1\Report.docx.
Grant User2 Allow Full control permissions to D:\Folder1\Report.docx.
Grant User3 Allow Full control permissions to D:\Folder1.


Technical Requirements -
Litware identifies the following technical requirements:
Configure custom Visual Effect performance settings for Computer1.
Manage Computer2 by using Windows Admin Center.
Minimize administrative effort.
Delivery Optimization on the computers that run Windows 10 must be configured to meet the following requirements:
Content must be downloaded only from an original source.
Downloading content from peer cache clients must be prevented.
Downloads must be optimized by using the Delivery Optimization cloud service.

Which users can sign in to Computer2 by using Remote Desktop?

  • A. User2 only
  • B. Admin1 only
  • C. User1 only
  • D. Admin1 and User2 only
  • E. Admin1, User1, User2, and User3


Answer : D

Reference:
https://4sysops.com/archives/user-rights-assignment-in-windows-server-2016/

Case Study -
This is a case study. Case studies are not timed separately. You can use as much exam times as you would like to complete each case. However, there may be additional studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study -
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the Question button to return to the question.

Overview -
Fabrikam, Inc. is a distribution company that has 500 employees and 100 contractors.

Existing Environment -

Active Directory -
The network contains an Active Directory forest named fabrikam.com. The forest is synced to Microsoft Azure Active Directory (Azure AD). All the employees are assigned Microsoft 365 E3 licenses.
The domain contains a user account for an employee named User10.

Client Computers -
All the employees have computers that run Windows 10 Enterprise. All the computers are installed without Volume License Keys. Windows 10 license keys are never issued.
All the employees register their computer to Azure AD when they first receive the computer.
User10 has a computer named Computer10.
All the contractors have their own computer that runs Windows 10. None of the computers are joined to Azure AD.

Operational Procedures -
Fabrikam has the following operational procedures:
Updates are deployed by using Windows Update for Business.
When new contractors are hired, administrators must help the contactors configure the following settings on their computer:
- User certificates
- Browser security and proxy settings
- Wireless network connection settings

Security Policies -
The following security policies are enforced on all the client computers in the domain:
All the computers are encrypted by using BitLocker Drive Encryption (BitLocker). BitLocker recovery information is stored in Active Directory and Azure AD.
The local Administrators group on each computer contains an enabled account named LocalAdmin.
The LocalAdmin account is managed by using Local Administrator Password Solution (LAPS).

Problem Statements -
Fabrikam identifies the following issues:
Employees in the finance department use an application named Application1. Application1 frequently crashes due to a memory error. When Application1 crashes, an event is written to the application log and an administrator runs a script to delete the temporary files and restart the application.
When employees attempt to connect to the network from their home computer, they often cannot establish a VPN connection because of misconfigured VPN settings.
An employee has a computer named Computer11. Computer11 has a hardware failure that prevents the computer from connecting to the network.
User10 reports that Computer10 is not activated.

Technical Requirements -
Fabrikam identifies the following technical requirements for managing the client computers:
Provide employees with a configuration file to configure their VPN connection.
Use the minimum amount of administrative effort to implement the technical requirements.
Identify which employeesג€™ computers are noncompliant with the Windows Update baseline of the company.
Ensure that the service desk uses Quick Assist to take remote control of an employeeג€™s desktop during support calls.
Automate the configuration of the contractorsג€™ computers. The solution must provide a configuration file that the contractors can open from a Microsoft
SharePoint site to apply the required configurations.

You need to sign in as LocalAdmin on Computer11.
What should you do first?

  • A. From the LAPS UI tool, view the administrator account password for the computer object of Computer11.
  • B. From Windows Configuration Designer, create a configuration package that sets the password of the LocalAdmin account on Computer11.
  • C. Use a Group Policy object (GPO) to set the local administrator password.
  • D. From Microsoft Intune, set the password of the LocalAdmin account on Computer11.


Answer : A

References:
https://technet.microsoft.com/en-us/mt227395.aspx

Case Study -
This is a case study. Case studies are not timed separately. You can use as much exam times as you would like to complete each case. However, there may be additional studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study -
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the Question button to return to the question.

Overview -
Fabrikam, Inc. is a distribution company that has 500 employees and 100 contractors.

Existing Environment -

Active Directory -
The network contains an Active Directory forest named fabrikam.com. The forest is synced to Microsoft Azure Active Directory (Azure AD). All the employees are assigned Microsoft 365 E3 licenses.
The domain contains a user account for an employee named User10.

Client Computers -
All the employees have computers that run Windows 10 Enterprise. All the computers are installed without Volume License Keys. Windows 10 license keys are never issued.
All the employees register their computer to Azure AD when they first receive the computer.
User10 has a computer named Computer10.
All the contractors have their own computer that runs Windows 10. None of the computers are joined to Azure AD.

Operational Procedures -
Fabrikam has the following operational procedures:
Updates are deployed by using Windows Update for Business.
When new contractors are hired, administrators must help the contactors configure the following settings on their computer:
- User certificates
- Browser security and proxy settings
- Wireless network connection settings

Security Policies -
The following security policies are enforced on all the client computers in the domain:
All the computers are encrypted by using BitLocker Drive Encryption (BitLocker). BitLocker recovery information is stored in Active Directory and Azure AD.
The local Administrators group on each computer contains an enabled account named LocalAdmin.
The LocalAdmin account is managed by using Local Administrator Password Solution (LAPS).

Problem Statements -
Fabrikam identifies the following issues:
Employees in the finance department use an application named Application1. Application1 frequently crashes due to a memory error. When Application1 crashes, an event is written to the application log and an administrator runs a script to delete the temporary files and restart the application.
When employees attempt to connect to the network from their home computer, they often cannot establish a VPN connection because of misconfigured VPN settings.
An employee has a computer named Computer11. Computer11 has a hardware failure that prevents the computer from connecting to the network.
User10 reports that Computer10 is not activated.

Technical Requirements -
Fabrikam identifies the following technical requirements for managing the client computers:
Provide employees with a configuration file to configure their VPN connection.
Use the minimum amount of administrative effort to implement the technical requirements.
Identify which employeesג€™ computers are noncompliant with the Windows Update baseline of the company.
Ensure that the service desk uses Quick Assist to take remote control of an employeeג€™s desktop during support calls.
Automate the configuration of the contractorsג€™ computers. The solution must provide a configuration file that the contractors can open from a Microsoft
SharePoint site to apply the required configurations.

An employee reports that she must perform a BitLocker recovery on her laptop. The employee does not have her BitLocker recovery key but does have a
Windows 10 desktop computer.
What should you instruct the employee to do from the desktop computer?

  • A. Run the manage-bde.exe ג€"status command
  • B. From BitLocker Recovery Password Viewer, view the computer object of the laptop
  • C. Go to https://aad.portal.azure.com and view the object of the laptop
  • D. Run the Enable-BitLockerAutoUnlock cmdlet


Answer : C

Explanation:
The BitLocker recovery key is stored in Azure Active Directory.
Reference:
https://celedonpartners.com/blog/storing-recovering-bitlocker-keys-azure-active-directory/

Case Study -
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study -
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the Question button to return to the question.

Overview -
Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch offices in Seattle and New York.
Contoso has IT, human resources (HR), and finance departments.
Contoso recently opened a new branch office in San Diego. All the users in the San Diego office work from home.

Existing environment -
Contoso uses Microsoft 365.
The on-premises network contains an Active Directory domain named contoso.com. The domain is synced to Microsoft Azure Active Directory (Azure AD).
All computers run Windows 10 Enterprise.
You have four computers named Computer1, Computer2, Computer3, and ComputerA. ComputerA is in a workgroup on an isolated network segment and runs the Long Term Servicing Channel version of Windows 10. ComputerA connects to a manufacturing system and is business critical. All the other computers are joined to the domain and run the Semi-Annual Channel version of Windows 10.
In the domain, you create four groups named Group1, Group2, Group3, and Group4.
Computer2 has the local Group Policy settings shown in the following table.


The computers are updated by using Windows Update for Business.
The domain has the users shown in the following table.

Computer1 has the local users shown in the following table.


Requirements -

Planned Changes -
Contoso plans to purchase computers preinstalled with Windows 10 Pro for all the San Diego office users.

Technical requirements -
Contoso identifies the following technical requirements:
The computers in the San Diego office must be upgraded automatically to Windows 10 Enterprise and must be joined to Azure AD the first time a user starts each new computer. End users must not be required to accept the End User License Agreement (EULA).
Helpdesk users must be able to troubleshoot Group Policy object (GPO) processing on the Windows 10 computers. The helpdesk users must be able to identify which Group Policies are applied to the computers.
Users in the HR department must be able to view the list of files in a folder named D:\Reports on Computer3.
ComputerA must be configured to have an Encrypting File System (EFS) recovery agent.
Quality update installations must be deferred as long as possible on ComputerA.
Users in the IT department must use dynamic lock on their primary device.
User6 must be able to connect to Computer2 by using Remote Desktop.
The principle of least privilege must be used whenever possible.
Administrative effort must be minimized whenever possible.
Kiosk (assigned access) must be configured on Computer1.


HOTSPOT -
You need to meet the technical requirements for the helpdesk users.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:



Answer :

References:
https://www.itprotoday.com/compute-engines/what-group-policy-creator-owners-group

Case Study -
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study -
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the Question button to return to the question.

Overview -
Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch offices in Seattle and New York.
Contoso has IT, human resources (HR), and finance departments.
Contoso recently opened a new branch office in San Diego. All the users in the San Diego office work from home.

Existing environment -
Contoso uses Microsoft 365.
The on-premises network contains an Active Directory domain named contoso.com. The domain is synced to Microsoft Azure Active Directory (Azure AD).
All computers run Windows 10 Enterprise.
You have four computers named Computer1, Computer2, Computer3, and ComputerA. ComputerA is in a workgroup on an isolated network segment and runs the Long Term Servicing Channel version of Windows 10. ComputerA connects to a manufacturing system and is business critical. All the other computers are joined to the domain and run the Semi-Annual Channel version of Windows 10.
In the domain, you create four groups named Group1, Group2, Group3, and Group4.
Computer2 has the local Group Policy settings shown in the following table.


The computers are updated by using Windows Update for Business.
The domain has the users shown in the following table.

Computer1 has the local users shown in the following table.


Requirements -

Planned Changes -
Contoso plans to purchase computers preinstalled with Windows 10 Pro for all the San Diego office users.

Technical requirements -
Contoso identifies the following technical requirements:
The computers in the San Diego office must be upgraded automatically to Windows 10 Enterprise and must be joined to Azure AD the first time a user starts each new computer. End users must not be required to accept the End User License Agreement (EULA).
Helpdesk users must be able to troubleshoot Group Policy object (GPO) processing on the Windows 10 computers. The helpdesk users must be able to identify which Group Policies are applied to the computers.
Users in the HR department must be able to view the list of files in a folder named D:\Reports on Computer3.
ComputerA must be configured to have an Encrypting File System (EFS) recovery agent.
Quality update installations must be deferred as long as possible on ComputerA.
Users in the IT department must use dynamic lock on their primary device.
User6 must be able to connect to Computer2 by using Remote Desktop.
The principle of least privilege must be used whenever possible.
Administrative effort must be minimized whenever possible.
Kiosk (assigned access) must be configured on Computer1.


HOTSPOT -
You need to meet the technical requirements for the HR department users.
Which permissions should you assign to the HR department users for the D:\Reports folder? To answer, select the appropriate permissions in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:



Answer :

References:
https://www.online-tech-tips.com/computer-tips/set-file-folder-permissions-windows/

Case Study -
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study -
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the Question button to return to the question.

Overview -
Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch offices in Seattle and New York.
Contoso has IT, human resources (HR), and finance departments.
Contoso recently opened a new branch office in San Diego. All the users in the San Diego office work from home.

Existing environment -
Contoso uses Microsoft 365.
The on-premises network contains an Active Directory domain named contoso.com. The domain is synced to Microsoft Azure Active Directory (Azure AD).
All computers run Windows 10 Enterprise.
You have four computers named Computer1, Computer2, Computer3, and ComputerA. ComputerA is in a workgroup on an isolated network segment and runs the Long Term Servicing Channel version of Windows 10. ComputerA connects to a manufacturing system and is business critical. All the other computers are joined to the domain and run the Semi-Annual Channel version of Windows 10.
In the domain, you create four groups named Group1, Group2, Group3, and Group4.
Computer2 has the local Group Policy settings shown in the following table.


The computers are updated by using Windows Update for Business.
The domain has the users shown in the following table.

Computer1 has the local users shown in the following table.


Requirements -

Planned Changes -
Contoso plans to purchase computers preinstalled with Windows 10 Pro for all the San Diego office users.

Technical requirements -
Contoso identifies the following technical requirements:
The computers in the San Diego office must be upgraded automatically to Windows 10 Enterprise and must be joined to Azure AD the first time a user starts each new computer. End users must not be required to accept the End User License Agreement (EULA).
Helpdesk users must be able to troubleshoot Group Policy object (GPO) processing on the Windows 10 computers. The helpdesk users must be able to identify which Group Policies are applied to the computers.
Users in the HR department must be able to view the list of files in a folder named D:\Reports on Computer3.
ComputerA must be configured to have an Encrypting File System (EFS) recovery agent.
Quality update installations must be deferred as long as possible on ComputerA.
Users in the IT department must use dynamic lock on their primary device.
User6 must be able to connect to Computer2 by using Remote Desktop.
The principle of least privilege must be used whenever possible.
Administrative effort must be minimized whenever possible.
Kiosk (assigned access) must be configured on Computer1.

You need to meet the technical requirements for EFS on ComputerA.
What should you do?

  • A. Run certutil.exe, and then add a certificate to the local computer certificate store.
  • B. Run cipher.exe, and then add a certificate to the local computer certificate store.
  • C. Run cipher.exe, and then add a certificate to the local Group Policy.
  • D. Run certutil.exe, and then add a certificate to the local Group Policy.


Answer : B

Reference:
https://docs.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate

You have a computer named Computer1 that runs Windows 10.
You need to configure User Account Control (UAC) to prompt administrators for their credentials.
Which settings should you modify?

  • A. Administrators Properties in Local Users and Groups
  • B. User Account Control Settings in Control Panel
  • C. Security Options in Local Group Policy Editor
  • D. User Rights Assignment in Local Group Policy Editor


Answer : C

References:
https://docs.microsoft.com/en-us/windows/security/identity-protection/user-account-control/user-account-control-security-policy-settings

You have several computers that run Windows 10. The computers are in a workgroup.
You need to prevent users from using Microsoft Store apps on their computer.
What are two possible ways to achieve the goal? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

  • A. From Security Settings in the local Group Policy, configure Security Options.
  • B. From Administrative Templates in the local Group Policy, configure the Store settings.
  • C. From Security Settings in the local Group Policy, configure Software Restriction Policies.
  • D. From Security Settings in the local Group Policy, configure Application Control Policies.


Answer : BD

References:
https://www.techrepublic.com/article/how-to-manage-your-organizations-microsoft-store-group-policy/

You have a computer named Computer1 that runs Windows 10.
You need to prevent standard users from changing the wireless network settings on Computer1. The solution must allow administrators to modify the wireless network settings.
What should you use?

  • A. Windows Configuration Designer
  • B. MSConfig
  • C. Local Group Policy Editor
  • D. an MMC console that has the Group Policy Object Editor snap-in


Answer : C

HOTSPOT -
You have three computers that run Windows 10 as shown in the following table.


All the computers have C and D volumes. The Require additional authentication at startup Group Policy settings is disabled on all the computers.
Which volumes can you encrypt by using BitLocker Drive Encryption (BitLocker)? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:



Answer :

References:
https://www.windowscentral.com/how-use-bitlocker-encryption-windows-10

Your network contains an Active Directory domain named contoso.com. The domain contains a computer named Computer1 that runs Windows 10.
On Computer1, you create a folder and assign Full control permissions to Everyone.
You share the folder as Share1 and assign the permissions shown in the following table.


When accessing Share1, which two actions can be performed by User1 but not by User2? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  • A. Delete a file created by another user.
  • B. Set the permissions for a file.
  • C. Rename a file created by another user.
  • D. Take ownership of file.
  • E. Copy a file created by another user to a subfolder.


Answer : BD

References:
https://www.varonis.com/blog/ntfs-permissions-vs-share/

HOTSPOT -
You have a computer that runs Windows 10. The computer contains a folder named C:\ISOs that is shared as ISOs.
You run several commands on the computer as shown in the following exhibit.


Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Hot Area:



Answer :

When you are using share and NTFS permissions together, the most restrictive permission is applied.
Reference:
https://www.varonis.com/blog/ntfs-permissions-vs-share/

Page:    1 / 20   
Total 298 questions