Most up-to-date 70-744: Exambible real paper from 1 to 10

Our pass rate is high to 98.9% and the similarity percentage between our 70-744 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the Microsoft 70-744 exam in just one try? I am currently studying for the Microsoft 70-744 exam. Latest Microsoft 70-744 Test exam practice questions and answers, Try Microsoft 70-744 Brain Dumps First.

2018 NEW RECOMMEND

Free VCE & PDF File for Microsoft 70-744 Real Exam
(Full Version!)

Pass on Your First TRY 100% Money Back Guarantee Realistic Practice Exam Questions

Free Instant Download NEW 70-744 Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/70-744-dumps.html

Q1. Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.

Start of repeated scenario

Your network contains an Active Directory domain named contoso.com. The functional level of the forest and the domain is Windows Server 2008 R2.

The domain contains the servers configured as shown in the following table.

All servers run Windows Server 2016. All client computers run Windows 10.

You have an organizational unit (OU) named Marketing that contains the computers in the marketing department You have an OU named Finance that contains the computers in the finance department You have an OU named AppServers that contains application servers. A Group Policy object (GPO) named GP1 is linked to the Marketing OU. A GPO named GP2 is linked to the AppServers OU.

You install Windows Defender on Nano1.

End of repeated scenario

You need to ensure that the marketing department computers validate DNS responses from adatum.com.

Which setting should you configure in the Computer Configuration node of GP1?

A. TCPIP Settings from Administrative Templates

B. Connection Security Rule from Windows Settings

C. DNS Client from Administrative Templates

D. Name Resolution Policy from Windows Settings

Answer: D

Q2. Your network contains an Active Directory domain named contoso.com. The domain contains 1,000 client computers that run Windows 10.

A security audit reveals that the network recently experienced a Pass-the-Hash attack. The attack was initiated from a client computer and accessed Active Directory objects restricted to the members of the Domain Admins group.

You need to minimize the impact of another successful Pass-the-Hash attack on the domain.

What should you recommend?

A. Instruct all users to sign in to a client computer by using a Microsoft account.

B. Move the computer accounts of all the client computers to a new organizational unit (OU). Remove the permissions to the new OU from the Domain Admins group.

C. Instruct all administrators to use a local Administrators account when they sign in to a client computer.

D. Move the computer accounts of the domain controllers to a new organizational unit (OU). Remove the permissions to the new OU from the Domain Admins group.

Answer: A

Q3. HOTSPOT

Note: This question is part of a series of questions that use the same scenario. For your

convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.

Start of repeated scenario

Your network contains an Active Directory domain named contoso.com. The functional level of the forest and the domain is Windows Server 2008 R2.

The domain contains the servers configured as shown in the following table.

All servers run Windows Server 2016. All client computers run Windows 10.

You have an organizational unit (OU) named Marketing that contains the computers in the marketing department. You have an OU named Finance that contains the computers in the finance department. You have an OU named AppServers that contains application servers. A Group Policy object (GPO) named GP1 is linked to the Marketing OU. A GPO named GP2 is linked to the AppServers OU.

You install Windows Defender on Nano1.

End of repeated scenario

You need to ensure that you can implement the Local Administrator Password Solution (LAPS) (or the finance department computers.

What should you do in the contoso.com forest? To answer, select the appropriate options in the answer area.

Answer:

Q4. Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2 that run Windows Server 2016.

Server1 is configured as a domain controller.

You configure Server1 as a Just Enough Administration (JEA) endpoint You configure the required JEA rights for a user named User1.

You need to tell User1 how to manage Active Directory objects from Server2. What should you tell User1 to do first on Server2?

A. From a command prompt, run ntdsutil.exe.

B. From Windows PowerShell, run the Import-Module cmdlet.

C. From Windows PowerShell run the Enter-PSSession cmdlet.

D. Install the management consoles for Active Directory, and then launch Active Directory Users and Computer.

Answer: A

Q5. Your network contains an Active Directory domain named contoso.com The domain contains five file servers that run Windows Server 2016.

You have an organizational unit (OU) named Finance that contains all of the servers. You create a Group Policy object (GPO) and link the GPO to the Finance OU.

You need to ensure that when a user in the finance department deletes a file from a file server, the event is logged. The solution must log only users who have a manager attribute

of Ben Smith.

Which audit policy setting should you configure in the GPO?

A. File system in Global Object Access Auditing

B. Audit Detailed File Share

C. Audit Other Account Logon Events

D. Audit File System in Object Access

Answer: C

Q6. Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.

Start of repeated scenario

Your network contains an Active Directory domain named contoso.com. The functional level of the forest and the domain is Windows Server 2008 R2.

The domain contains the servers configured as shown in the following table.

All servers run Windows Server 2016. All client computers run Windows 10.

You have an organizational unit (OU) named Marketing that contains the computers in the marketing department You have an OU named finance that contains the computers in the finance department You have an OU named AppServers that contains application servers. A Group Policy object (GPO) named GP1 is linked to the Marketing OU. A GPO named GP2 is linked to the AppServers OU.

You install Windows Defender on Nano1.

End of repeated scenario

You need to exclude D:\\Folder1 on Nano1 from being scanned by Windows Defender. Which cmdlet should you run?

A. Set-StorageSetting

B. Set-FsrmFileScreenException

C. Set-MpPreference

D. Set-DtcAdvancedSetting

Answer: A

Q7. Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.

Start of repeated scenario

Your network contains an Active Directory domain named contoso.com. The functional level of the forest and the domain is Windows Server 2008 R2.

The domain contains the servers configured as shown in the following table.

All servers run Windows Server 2016. All client computers run Windows 10.

You have an organizational unit (OU) named Marketing that contains the computers in the marketing department. You have an OU named Finance that contains the computers in the finance department. You have an OU named AppServers that contains application servers. A Group Policy object (GPO) named GP1 is linked to the Marketing OU. A GPO named GP2 is linked to the AppServers OU.

You install Windows Defender on Nano1.

End of repeated scenario

You need to ensure that you can deploy a shielded virtual machine to Server4. Which server role should you deploy?

A. Hyper-V

B. Device Health Attestation

C. Network Controller

D. Host Guardian Service

Answer: A

Q8. HOTSPOT

You plan to deploy three encrypted virtual machines that use Secure Boot. The virtual machines will be configured as shown in the following table.

How should you protect each virtual machine? To answer, select the appropriate options in the answer area.

Answer:

Q9. Your network contains an Active Directory domain named contoso.com. The domain contains a server named Serve1, that runs Windows Server 2016.

A technician is testing the deployment of Credential Guard on Server1. You need to verify whether Credential Guard is enabled on Server1. What should you do?

A. From a command prompt fun the credwiz.exe command.

B. From Task Manager, review the processes listed on the Details tab.

C. From Server Manager, click Local Server, and review the properties of Server!

D. From Windows PowerShell, run the Get-WsManCredSSP cmdlet.

Answer: B

Q10. Your network contains two single-domain Active Directory forests named contoso.com and contosoadmin.com. Contosoadmin.com contains all of the user accounts used to manage the servers in contoso.com.

You need to recommend a workstation solution that provides the highest level of protection from vulnerabilities and attacks.

What should you include in the recommendation?

A. Provide a Privileged Access Workstation (PAW) for each user account in both forests. Join each PAW to the contoso.com domain.

B. Provide a Pnvileged Access Workstation (PAW) for each user in the contoso.com forest Join each PAW to the contoso.com domain.

C. Provide a Pnvileged Access Workstation (PAW) for each administrator. Join each PAW to the contoso.com domain.

D. Provide a Pnvileged Access Workstation (PAW) for each administrator. Join each PAW to the contosoadmin.com domain.

Answer: B