70-680 Exam
Advanced Guide: mcts 70 680
Testking offers free demo for mcts 70 680 exam. "TS:Windows 7,Configuring", also known as mcts 70 680 exam, is a Microsoft Certification. This set of posts, Passing the Microsoft exam 70 680 exam, will help you answer those questions. The 70 680 pdf Questions & Answers covers all the knowledge points of the real exam. 100% real Microsoft 70 680 pdf exams and revised by experts!
Q171. - (Topic 1)
You have a portable computer that runs Windows 7. You configure the computer to enter sleep mode after 10 minutes of inactivity. You do not use the computer for 15 minutes and discover that the computer has not entered sleep mode.
You need to identify what is preventing the computer from entering sleep mode.
What should you do?
A. At a command prompt, run Powercfg energy.
B. At a command prompt, run Systeminfo /s localhost.
C. From Performance Monitor, review the System Summary.
D. From Performance Information and Tools, review the detailed performance and system information.
Answer: A
Explanation:
Command-line Power Configuration Powercfg.exe is a command-line utility that you can use from an administrative command prompt to manage Windows 7 power settings. It is possible to use Powercfg.exe to configure a number of Windows 7 powerrelated settings that you cannot configure through Group Policy or the Advanced Plan Settings dialog box. You can use Powercfg.exe to configure specific devices so that they are able to wake the computer from the Sleep state. You can also use Powercfg.exe to migrate power policies from one computer running Windows 7 to another by using the import and export functionality. -energy Check the computer for common energy-efficiency and battery life problems. Provides report in Hypertext Markup Language (HTML) format.For more information on Powercfg.exe, consult the following Microsoft TechNet document: http://technet.microsoft.com/en-us/library/cc748940.aspx.
Q172. - (Topic 2)
You have a computer that runs windows 7.
You have a third-party application.
You need to ensure that only a specific version of the application runs on the computer.
You have the application vendor's digital signature.
What should you do?
A. From Application Control Policies, configure a path rule.
B. From Application Control Policies, configure a publisher rule.
C. From Software Restriction policies, configure a path rule.
D. From Software Restriction policies, configure a certificate rule.
Answer: B
Explanation:
AppLocker Application Control Policies AppLocker is a feature new to Windows 7 that is available only in the Enterprise and Ultimate editions of the product. AppLocker policies are conceptually similar to Software Restriction Policies, though AppLocker policies have several advantages, such as the ability to be applied to specific user or group accounts and the ability to apply to all future versions of a product. As you learned earlier in this chapter, hash rules apply only to a specific version of an application and must be recalculated whenever you apply software updates to that application. AppLocker policies are located in the Computer Configuration\Windows Settings\ Security Settings \Application Control Policies node of a standard Windows 7 or Windows Server 2008 R2 GPO. AppLocker relies upon the Application Identity Service being active. When you install Windows 7, the startup type of this service is set to Manual. When testing AppLocker, you should keep the startup type as Manual in case you configure rules incorrectly. In that event, you can just reboot the computer and the AppLocker rules will no longer be in effect. Only when you are sure that your policies are applied correctly should you set the startup type of the Application Identity Service to Automatic. You should take great care in testing AppLocker rules because it is possible to lock down a computer running Windows 7 to such an extent that the computer becomes unusable. AppLocker policies are sometimes called application control policies. AppLocker Application Control Policies - Publisher Rules Publisher rules in AppLocker work on the basis of the code-signing certificate used by the file's publisher. Unlike a Software Restriction Policy certificate rule, it is not necessary to obtain a certificate to use a publisher rule because the details of the digital signature are extracted from a reference application file. If a file has no digital signature, you cannot restrict or allow it using AppLocker publisher rules. Publisher rules allow you more flexibility than hash rules because you can specify not only a specific version of a file but also all future versions of that file. This means that you do not have to re-create publisher rules each time you apply a software update because the existing rule remains valid. You can also allow only a specific version of a file by setting the Exactly option.AppLocker Application Control Policies - Path RulesAppLocker path rules work in a similar way to Software Restriction Policy path rules. Path rules let you specify a folder, in which case the path rule applies to the entire contents of the folder, including subfolders, and the path to a specific file. The advantage of path rules is that they are easy to create. The disadvantage of path rules is that they are the least secure form of AppLocker rules. An attacker can subvert a path rule if they copy an executable file into a folder covered by a path rule or overwrite a file that is specified by a path rule. Path rules are only as effective as the file and folder permissions applied on the computer.
Software Restriction Policies Software Restriction Policies is a technology available to clients running Windows 7 that is available in Windows XP, Windows Vista, Windows Server 2003, and Windows Server 2008. You manage Software Restriction Policies through Group Policy. You can find Software Restriction Policies in the Computer Configuration \Windows Settings\Security Settings\Software Restriction Policies node of a group policy. When you use Software Restriction Policies, you use the Unrestricted setting to allow an application to execute and the Disallowed setting to block an application from executing. You can achieve many of the same application restriction objectives with Software Restriction Policies that you can with AppLocker policies. The advantage of Software Restriction Policies over AppLocker policies is that Software Restriction Policies can apply to computers running Windows XP and Windows Vista, as well as to computers running Windows 7 editions that do not support AppLocker. The disadvantage of Software Restriction Policies is that all rules must be created manually because there are no built-in wizards to simplify the process of rule creation.Software Restriction Policies - Path Rules Path rules, allow you to specify a file, folder, or registry key as the target of a Software Restriction Policy. The more specific a path rule is, the higher its precedence. For example, if you have a path rule that sets the file C: \Program files\Application\App.exe to Unrestricted and one that sets the folder C:\Program files\Application to Disallowed, the more specific rule takes precedence and the application can execute. Wildcards can be used in path rules, so it is possible to have a path rule that specifies C:\Program files\Application\*.exe. Wildcard rules are less specific than rules that use a file's full path. The drawback of path rules is that they rely on files and folders remaining in place. For example, if you created a path rule to block the application C:\Apps\Filesharing.exe, an attacker could execute the same application by moving it to another directory or renaming it something other than Filesharing.exe. Path rules work only when the file and folder permissions of the underlying operating system do not allow files to be moved and renamed. Software Restriction Policies - Certificate Rules Certificate rules use a code-signed software publisher's certificate to identify applications signed by that publisher. Certificate rules allow multiple applications to be the target of a single rule that is as secure as a hash rule. It is not necessary to modify a certificate rule in the event that a software update is released by the vendor because the updated application will still be signed using the vendor's signing certificate. To configure a certificate rule, you need to obtain a certificate from the vendor. Certificate rules impose a performance burden on computers on which they are applied because the certificate's validity must be checked before the application can execute. Another disadvantage of certificate rules is that they apply to all applications from a vendor. If you want to allow only 1 application from a vendor to execute but the vendor has 20 applications available, you are better off using a different type of Software Restriction Policy because otherwise users can execute any of those other 20 applications.
Q173. - (Topic 2)
A user telephones your help desk. Her Favorites list is corrupt and she is having problems accessing the Web sites she visits regularly. All the computers in your organization are backed up every night with a file and folder backup that uses default settings. A restore point was created on all the company's client computers 24 hours ago because a new device driver was installed. You performed a System Image backup on all the computers in your organization three weeks ago. The user is not computer-literate and you need to fix the problem for her.
What is the most efficient way to do so?
A. Perform a system restore.
B. Perform a System Image restore.
C. Use the Restore Files Wizard to restore the Favorites folder in the user's backed-up profile.
D. Access the History tab under Favorites on the user's browser. Browse to recently visited sites and add them to Favorites.
Answer: C
Q174. - (Topic 5)
You have a computer that has the following hardware configuration:
1.6-gigahertz (GHz) processor (64-bit)
8-GB RAM
500-GB hard disk
Graphics card that has 128-MB RAM
You need to select an edition of Windows 7 to meet the following requirements:
Support DirectAccess
Support Windows XP Mode
Use all of the installed memory
Support joining an Active Directory domain
Which edition should you choose?
A. Windows 7 Enterprise (x86)
B. Windows 7 Professional (64-bit)
C. Windows 7 Enterprise (64-bit)
D. Windows 7 Ultimate (x86)
Answer: C
Q175. - (Topic 2)
You have a computer that runs Windows XP Service Pack 2 (SP2).
You need to upgrade the operating system to Windows 7.
You must achieve this goal in the minimum amount of time.
What should you do?
A. Upgrade to Windows Vista SP2. From the Windows 7 installation media, run Setup.exe and select the Upgrade option.
B. Upgrade to Windows Vista SP2. From the Windows 7 installation media, run Setup.exe and select the Custom (advanced) option.
C. Install Windows XP Service Pack 3 (SP3). Run Setup.exe from the Windows 7 installation media and select the Upgrade option.
D. Install Windows XP Service Pack 3 (SP3). Run Setup.exe from the Windows 7 installation media and select the Custom (advanced) option.
Answer: A
Q176. - (Topic 2)
You are deciding on which storage devices you want to configure system protection. System protection is enabled by default on your C: drive, which holds your system files. No other storage device on your computer has system protection enabled.
On which of the following storage devices can you enable system protection? (Choose all that apply.)
A. Your second internal hard disk, formatted with NTFS
B. An external USB hard disk formatted with FAT
C. A USB flash drive
D. Your optical drive
E. A mounted VHD created on your second internal hard disk
Answer: A,E
Q177. - (Topic 1)
Your company has a main office and a branch office. The relevant portion of the network is configured as shown in the exhibit. (Click the Exhibit button.)
In the branch office, you deploy a new computer named Computer1 that runs Windows 7.
You need to assign an IP address to Computer1.
Which IP address should you use?
A. 192.168.2.30
B. 192.168.2.40
C. 192.168.2.63
D. 192.168.2.65
Answer: B
Explanation:
Internal IP Adress of router is 192.168.2.62/27Leaves 5 bits for range = 32 addresses (including the 2 reserved addresses)Subnet Mask = 255.255.255.224
Q178. - (Topic 5)
You use a computer that has Windows 7 SP1 installed. The computer has a shared folder named C:\Software.
User1 is a local user account on the computer. The account is a member of several groups that have access to the C:\Software folder.
You need to verify whether User1 can save files to C:\Software.
What should you do?
A. Run the Net Share command.
B. Run the Wfs C:\Software command.
C. In the Advanced Security Settings for the Documents folder, select the Effective Permissions tab.
D. Run the Fsutil C:\Software command.
Answer: C
Explanation: To view effective permissions on files and folders . Open Windows Explorer, and then locate the file or folder for which you want to view effective permissions.
Right-click the file or folder, click Properties, and then click the Security tab.
Click Advanced, click the Effective Permissions tab, and then click Select.
In Enter the object name to select (examples), enter the name of a user or group, and then click OK. The selected check boxes indicate the effective permissions of the user or group for that file or folder.
Q179. DRAG DROP - (Topic 6)
You have a computer that runs WindowsXP. The computer has one partition. You install Windows 7 on the computer.
You need to migrate a user profile from the Windows XP installation to Windows 7 installation.
What should you do first? (To answer, drag the appropriate command from the list of command to the correct location or locations in the work area.)
Answer:
Q180. - (Topic 2)
You are preparing a custom Windows 7 image for deployment.
You need to install a third-party network interface card (NIC) driver in the image.
What should you do?
A. Run Pkgmgr.exe and specify the /ip parameter.
B. Run Dism.exe and specify the /add-driver parameter.
C. Create a new answer file by using Windows System Image Manager (Windows SIM). Run Pkgmgr.exe and specify the /n parameter.
D. Create a new answer file by using Windows System Image Manager (Windows SIM). Run Dism.exe and specify the /apply-unattend parameter.
Answer: B
Explanation:
Dism Deployment Image Servicing and Management (DISM) is a command-line tool used to service Windows. images offline before deployment. You can use it to install, uninstall, configure, and update Windows features, packages, drivers, and international settings. Subsets of the DISM servicing commands are also available for servicing a running operating system. Windows 7 introduces the DISM command-line tool. You can use DISM to service a Windows image or to prepare a Windows PE image. DISM replaces Package Manager (Pkgmgr.exe), PEimg, and Intlcfg in Windows Vista, and includes new features to improve the experience for offline servicing. You can use DISM to perform the following actions:
-Prepare a Windows PE image.- Enable or disable Windows features within an image.-Upgrade a Windows image to a different edition.- Add, remove, and enumerate packages.-Add, remove, and enumerate drivers.- Apply changes based on the offline servicing section of an unattended answer file.- Configure international settings.- Implement powerful logging features.- Service operating systems such as Windows Vista with SP1 and Windows Server 2008.- Service a 32-bit image from a 64-bit host and service a 64-bit image from a 32-bit host.- Service all platforms (32-bit, 64-bit, and Itanium).- Use existing Package Manager scripts.