70-680 Exam
windows 7 configuration exam 70-680 questions and answers : Nov 2021 Edition
Guarantee to be able to Microsoft Microsoft exam, Ucertify.com presents you the thing you need to pass Microsoft Microsoft exam thats a Microsoft certification. The practice tests which contain latest actual questions along with actual answers are incomparable in top quality and 100% ensure to make an individual pass the Microsoft Microsoft exam. Or else, we will give you a full refund of the purchasing charge. We will be the only vendor whom offers a pair of versions without demand any other costs, printable Pdf and examination engine.
2021 Nov windows 7 configuration exam 70-680:
Q151. - (Topic 2)
You work as the desktop support technician at Abc.com. The Abc.com network consists of a single Active Directory domain named Abc.com. All client computers on the Abc.com network run Windows Vista Business.
You have been instructed to upgrade a client computer named CERTKILLER-WS620 to Microsoft Windows 7 Professional. CERTKILLER-WS620 has the following specifications:
Drive C (system drive) has 12 gigabytes (GB) of free space.
Drive D (data drive) has 40 GB of free space.
Four memory slots with two occupied by 512 megabyte (MB) memory sticks.
One 2.0 gigahertz (GHz) 32-bit processor.
You need to ensure that Windows 7 Professional can be installed on CERTKILLER-WS620.
What should you do?
A. You should consider installing Windows 7 on Drive D.
B. You should consider creating more free space on Drive C.
C. You should consider upgrading the memory.
D. You should consider upgrading the processor.
Answer: B
Q152. - (Topic 1)
If you have a router in the network your connected to and the Default Gateway is set to
192.168.1.1 and the subnet mask is 255.255.255.0, which of the following are useable IP addresses on that network?
A. 192.168.1.1
B. 192.168.1.300
C. 192.168.1.30
D. 192.168.2.10
Answer: C
Q153. - (Topic 3)
Your network contains computers that run Windows 7 and Windows Vista. All computers are members of the same domain. You have a computer named Computer1 that runs Windows 7.
You need to ensure that users can remotely log on to Computer1 from any computer on the network.
What should you do on Computer1?
A. Select the Allow Remote Assistance connections to this computer check box. Add the Domain Users group to the Power Users group.
B. Select the Allow Remote Assistance connections to this computer check box. Add the Domain Users group to the Administrators group.
C. Select the Allow connections from computers running any version of Remote Desktop (less secure) check box. Add the Domain Computers group to the Remote Desktop Users group.
D. Select the Allow connections only from computers running Remote Desktop with Network Level Authentication (more secure) check box. Add the Domain Users group to the Remote Desktop Users group.
Answer: D
Q154. - (Topic 2)
You have two computers that run Windows 7. Both computers are connected to a network and have IP addresses within the 172.16.10.0/24 subnet.
You need to ensure that both computers can join a HomeGroup.
What should you do?
A. Enable network discovery.
B. Set the network location to Home network.
C. Configure Windows Firewall to allow the Netlogon service.
D. Change the IP addresses to be within the 192.168.1.0/24 subnet.
Answer: B
Explanation:
Windows Firewall does not allow you to create firewall rules for specific network locations on the basis of port address. Windows Firewall does not allow you to create rules that differentiate between the home and work network locations. You can only create rules that differentiate on the basis of home and work or public network locations.HomeGroup ConnectionsThis option decides how authentication works for connections to HomeGroup resources. If all computers in the HomeGroup have the same user name and passwords configured, you can set this option to allow Windows to manage HomeGroup connections. If different user accounts and passwords are present, you should configure the option to use user accounts and passwords to connect to other computers. This option is available only in the Home/Work network profile.
Q155. - (Topic 2)
You have a computer that runs Windows 7. You connect to your company's network by using a VPN connection.
You discover that when you establish the VPN connection, you are unable to access Internet Web sites.
When you disconnect the VPN connection, you can access Internet Web sites.
You need to access Internet Web sites while you are connected to the VPN.
What should you do?
A. Configure the VPN connection to use only PPTP.
B. Configure the VPN connection to use only L2TP/IPSec.
C. From the Internet Protocol Version 4 (TCP/IPv4) properties of the local area connection, disable the Automatic metric setting.
D. From the Internet Protocol Version 4 (TCP/IPv4) properties of the VPN connection, disable the Use default gateway on remote network setting.
Answer: D
Explanation:
To prevent the default route from being created In the properties of the TCP/IP protocol of the dial-up connection object, in the Advanced TCP/IP Settings dialog box, click the General tab, and then clear the Use default gateway on remote network check box.
Up to the minute windows 7 configuration exam 70-680 questions and answers:
Q156. - (Topic 2)
You have a computer that runs Windows 7.
You manually create a system restore point.
You need to restore a copy of a file stored on a drive C from two days ago.
You must act with minimum administrative effort.
What should you do?
A. From recovery, select System Restore.
B. From Backup and restore, select Rrestore my files.
C. From the command prompt, run Wbadmin get items.
D. From the properties of the file, select Previous Versions.
Answer: D
Explanation:
How do I view or restore previous versions of a file and folder? Right-click the file or folder, and then click Restore previous versions. You'll see a list of available previous versions of the file or folder. The list will include files saved on a backup (if you're using Windows Backup to back up your files) as well as restore points. To restore a previous version of a file or folder that's included in a library, right-click the file or folder in the location where it's saved, rather than in the library. For example, to restore a previous version of a picture that's included in the Pictures library but is stored in the My Pictures folder, right-click the My Pictures folder, and then click Restore previous versions. For more information about libraries, see Include folders in a library.
The Previous Versions tab, showing some previous versions of files
NOT System Restore: System Restore restores system files and settings and does not affect any of your documents, pictures, or other personal data.
NOT Backup and Restore: System restore point was created, no backup meantioned.NOT Wbadmin: The Backup And Restore console does not provide a graphical tool for scheduling System Image backups. You need to create a System Image backup manually from the Backup And Restore console whenever you have made significant changes to a computer's configuration. Take care that if you restore a System Image backup and boot from it, or if you make the VHD bootable for failover protection, your computer could be vulnerable unless the System Image includes security updates. Although you cannot use Backup And Restore to schedule System Image backups, you can use the Wbadmin command-line utility to perform this function. For example, to initiate a System Image backup of the C: drive to the H: drive, you run the following command from an elevated command prompt: wbadmin start backup –backuptarget:h: -include:c: -quiet
Q157. - (Topic 3)
You deploy a custom image to a computer and discover that the Telnet Client feature is disabled.
You need to ensure that the Telnet Client feature is enabled when you deploy the image.
You must achieve this goal in the minimum amount of time.
What should you do?
A. Enable the Telnet Client feature on the computer. Generalize the computer and capture the image.
B. Create an unattended file that enables Telnet Client. Generalize the computer and specify the unattended file. Capture the image.
C. Mount the image. Run Ocsetup.exe TelnetClient. Commit the changes and unmount the image.
D. Mount the image. Run Dism.exe and specify /image and /enable-feature:TelnetClient switches. Commit the changes and unmount the image.
Answer: D
Explanation:
NOTE: "when you deploy the image." Implies for future installations, not the current one.
Therefore the imagefile must be updated.
Dism Deployment Image Servicing and Management (DISM) is a command-line tool used to service Windows. images offline before deployment. You can use it to install, uninstall, configure, and update Windows features, packages, drivers, and international settings.
Subsets of the DISM servicing commands are also available for servicing a running operating system. Windows 7 introduces the DISM command-line tool. You can use DISM to service a Windows image or to prepare a Windows PE image. DISM replaces Package Manager (Pkgmgr.exe), PEimg, and Intlcfg in Windows Vista, and includes new features to improve the experience for offline servicing. You can use DISM to perform the following actions:
-Prepare a Windows PE image.
-Enable or disable Windows features within an image.
-Upgrade a Windows image to a different edition.
-Add, remove, and enumerate packages.
-Add, remove, and enumerate drivers.
-Apply changes based on the offline servicing section of an unattended answer file.
-Configure international settings.
-Implement powerful logging features.
-Service operating systems such as Windows Vista with SP1 and Windows Server 2008.
-Service a 32-bit image from a 64-bit host and service a 64-bit image from a 32-bit host.
-Service all platforms (32-bit, 64-bit, and Itanium).
-Use existing Package Manager scripts.
Q158. - (Topic 1)
You have a stand-alone computer named Computer1 that runs Windows 7. Several users share Computer1.
You need to prevent all users who are members of a group named Group1 from running Windows Media Player. All other users must be allowed to run Windows Media Player.
You must achieve this goal by using the least amount of administrative effort. What should you do?
A. From Software Restriction Policies, create a path rule.
B. From Software Restriction Policies, create a hash rule.
C. From Application Control Policies, create the default rules.
D. From Application Control Policies, create an executable rule.
Answer: D
Explanation:
Executable Rules Executable rules apply to files that have .exe and .com file extensions. AppLocker policies are primarily about executable files, and it is likely that the majority of the AppLocker policies that you work with in your organizational environment will involve executable rules. The default executable rules are path rules that allow everyone to execute all applications in the Program Files folder and the Windows folder. The default rules also allow members of the administrators group to execute applications in any location on the computer. It is necessary to use the default executable rules, or rules that mirror their functionality, because Windows does not function properly unless certain applications, covered by these default rules, are allowed to execute. When you create a rule, the scope of the rule is set to Everyone, even though there is not a local group named Everyone. If you choose to modify the rule, you can select a specific security group or user account. NOT Default rulesDefault rules are a set of rules that can be created automatically and which allow access to default Windows and program files. Default rules are necessary because AppLocker has a built-in fallback block rule that restricts the execution of any application that is not subject to an Allow rule. This means that when you enable AppLocker, you cannot execute any application, script, or installer that does not fall under an Allow rule. There are different default rules for each rule type. The default rules for each rule type are general and can be tailored by administrators specifically for their environments. For example, the default executable rules are path rules. Security-minded administrators might replace the default rules with publisher or hash rules because these are more secure.NOT Path RulesPath rules, allow you to specify a file, folder, or registry key as the target of a Software Restriction Policy. The more specific a path rule is, the higher its precedence. For example, if you have a path rule that sets the file C: \Program files\Application\App.exe to Unrestricted and one that sets the folder C:\Program files\Application to Disallowed, the more specific rule takes precedence and the application can execute. Wildcards can be used in path rules, so it is possible to have a path rule that specifies C:\Program files\Application\*.exe. Wildcard rules are less specific than rules that use a file's full path. The drawback of path rules is that they rely on files and folders remaining in place. For example, if you created a path rule to block the application C:\Apps\Filesharing.exe, an attacker could execute the same application by moving it to another directory or renaming it something other than Filesharing.exe. Path rules work only when the file and folder permissions of the underlying operating system do not allow files to be moved and renamed.NOT Hash RulesHash rules, work through the generation of a digital fingerprint that identifies a file based on its binary characteristics. This means that a file that you create a hash rule for will be identifiable regardless of the name assigned to it or the location from which you access it. Hash rules work on any file and do not require the file to have a digital signature. The drawback of hash rules is that you need to create them on a per-file basis. You cannot create hash rules automatically for Software Restriction Policies; you must generate each rule manually. You must also modify hash rules each time that you apply a software update to an application that is the subject of a hash rule. Software updates modify the binary properties of the file, which means that the modified file does not match the original digital fingerprint.
Q159. - (Topic 4)
You have a computer running Windows 7. You create a VHD and install Windows 7 in it.
You reboot your system and notice that the boot menu now shows two installations of Windows 7.
How do you fix it?
A. Use Sysprep with an answer file to disable one installation.
B. Run the BCDEdit command.
C. Run the Start/w ocsetup command.
D. Run the Dism command
E. Add a boot image and create a capture image in WDS.
F. Run the PEImg /Prepcommand.
G. Run the ImageX command with the /Mount parameter.
H. Run the Dism command with the /Mount-Wim option.
I. Run the Dism command with the /Add-Package option.
J. Run the DiskPart command and the Attach command option.
K. Add a boot image and create a capture image in WDS
Answer: B
Explanation:
BCDEdit Command-Line Options Boot Configuration Data (BCD) files provide a store that is used to describe boot applications and boot application settings. The objects and elements in the store effectively replace Boot.ini. BCDEdit is a command-line tool for managing BCD stores. It can be used for a variety of purposes, including creating new stores, modifying existing stores, adding boot menu options, and so on. BCDEdit serves essentially the same purpose as Bootcfg.exe on earlier versions of Windows, but with two major improvements: BCDEdit exposes a wider range of boot options than Bootcfg.exe. BCDEdit has improved scripting support.
Note
Administrative privileges are required to use BCDEdit to modify BCD.
BCDEdit is the primary tool for editing the boot configuration of Windows Vista and later versions of Windows. It is included with the Windows Vista distribution in the %WINDIR%\System32 folder.
BCDEdit is limited to the standard data types and is designed primarily to perform single common changes to BCD. For more complex operations or nonstandard data types, consider using the BCD Windows Management
Instrumentation (WMI) application programming interface (API) to create more powerful and flexible custom tools.
Q160. - (Topic 5)
You use a computer that has Windows 7 SP1 installed to access your company's internal website. The website requires a secure connection. The certificate is a self-signed Secure Socket Layer (SSL).
You attempt to connect to the internal website. You receive the following error message:
"There is a problem with this website's security certificate."
You need to be able to connect to the internal website successfully.
What should you do?
A. From Internet Explorer, add the website to the Local Intranet zone.
B. From Certificate Manager, import the website's certificate into the computer's Trusted Publishers store.
C. From Certificate Manager, import the website's certificate into your Trusted Root Certification Authorities store.
D. From Certificate Manager, import the website's certificate into your Personal store.
Answer: D