70-685 Exam
Top Far out 70-685 training Reviews!
100% Correct of 70-685 exam materials and guidance for Microsoft certification for examinee, Real Success Guaranteed with Updated 70-685 pdf dumps vce Materials. 100% PASS Pro: Windows 7, Enterprise Desktop Support Technician exam Today!
2021 Apr 70-685 test question
Q41. You need to recommend a solution to back up BitLocker recovery information based on the company's existing data protection requirements. The solution must include the backup destination and the solution prerequisites.
What should you recommend? (Choose all that apply.)
A. Upgrade all Windows XP client computers to Windows 7.
B. Store the BitLocker recovery information in Active Directory.
C. Create a GPO to enroll users for a Basic EFS certificate automatically.
D. Raise the forest functional level to Windows Server 2008 R2.
E. Store each user's BitLocker recovery information on USB keychain drives.
F. Import the BitLockerTPMSchemaExtension.ldf file to Active Directory.
Answer: BF
Q42. All client computers on your company network run Windows 7. An employee installs several new applications on a computer.
After the applications are installed, the computer takes longer to start.
You need to reduce the startup process time.
What should you do?
A. Run the MSConfig tool.
B. Run the bcdedit command.
C. Use the Services console to stop the applications.
D. Use the Task Manager tool to stop the applications.
Answer: A
Q43. All client computers on your company network run Windows 7 and are members of an Active Directory Domain Services (AD DS) domain named contoso.com. DNS is the only name-resolution protocol used on the network. A member server named serveri.contoso.com runs Windows Server 2008 R2. You change the IP address of serverl.contoso.com.
When users attempt to connect to serverl.contoso.com from their client computers, the URL resolves to the incorrect IP address.
You need to recommend an approach for resolving serverl.contoso.com correctly from all client computers.
What should you do?
A. Run the ipconfig /registerdns command from the client computers that are experiencing the issue.
B. Add a serverl.contoso.com entry pointing to the fully qualified domain name (FQDN) to the LMHOSTS file on each client computer that is experiencing the issue.
C. Add a serverl.contoso.com entry pointing to the correct IP address to the LMHOSTS file on each client computer that is experiencing the issue.
D. Run the ipconfig /registerdns command from serverl.contoso.com.
Answer: D
Q44. Users report that it takes a long time to access resources by using DirectAccess.
You need to provide the network administrator with a network capture of DirectAccess traffic.
Which tool should you use?
A. Netsh.exe
B. Netstat.exe
C. Perfmon.exe
D. Winsat.exe
Answer: A
Q45. A shared client computer running Windows 7 is responding and loading applications slowly. Windows Task Manager indicates that available memory is low and that several applications, which are not running on the desktop, are using a large amount of memory. You need to recommend an approach for optimizing the performance of the client computer. What is the best approach to achieve the goal? (More than one answer choice may achieve the goal. Select the BEST answer.)
A. Use Task Manager to end unknown processes and processes that are not associated with the currently active user account
B. Log off all users other than the currently active user from the client computer
C. Restart Windows Explorer
D. In the Services Management console, stop unnecessary services
Answer: D
Rebirth 70-685 exam question:
Q46. All client computers on your company network run Windows 7 and are members of an Active Directory Domain Services (AD DS) domain.
A network administrator changes the IP address of a file server.
Employees are unable to connect to the file server.
You need to ensure that the employees are able to connect to the file server immediately.
Which command should you instruct the employees to run?
A. ipconfig /showdns
B. ipconfig /registerdns
C. ipconfig /flushdns
D. Ipconfig /renew
Answer: C
Q47. This is the first in a series of questions that all present the same scenario. For your convenience, the scenario is repeated in each question. Each presents a different goal and answer choices, but the text of the scenario is exactly the same in each in this series.
Topic 9, Wingtip Toys
Scenario:
You are an enterprise desktop support technician for Wingtip Toys. Wingtip Toys has two offices.
Active Directory Configuration
The network contains a single Active Directory domain. An Active Directory site exists for each office. The network contains the organizational units (OUs) that are shown in the following table:
The network contains an enterprise root certification authority (CA). Certificate autoenrollement is enabled for all users.
Network Configuration
Each office has a wireless network. You control access to the wireless network in office 1 by using Network Access Protection (NAP). A Group Policy object (GPO) named GPO1 configures the NAP settings for the computers in office 1.
Resource Access
The Documents folders of all users are encrypted by using Encrypting File System (EFS). The Documents folders of all users are backed up daily.
A Web server named Web1 hosts an internal Web site named WebSite1. Users connect to WebSite1 from the Internet by using the URL http://website1.wingtiptoys.com. The domain name website1.wingtiptoys.com is resolved by using the hosts file that is located on each client computer.
Users frequently work from home. Home users connect to the internal network by using SSTP- based VPN connections.
Line of Business Applications
Your company has a line-of-business application named App1. App1 is installed only on computers that run Windows XP. You test App1 by using the Microsoft Application Compatibility Toolkit (ACT). ACT reports that App1 can be made compatible to run on Windows 7.
You deploy App1 on a test Windows 7 computer and notice that it fails to run.
You need to ensure that App1 runs on Windows 7 computers.
What should you do?
A. Digitally sign App1.
B. Develop and deploy a shim for App1.
C. Configure an AppLocker policy.
D. Configure a Software Restriction Policy.
Answer: B
Q48. This is the first in a series of questions that all present the same scenario. For your convenience, the scenario is repeated in each question. Each presents a different goal and answer choices, but the text of the scenario is exactly the same in each in this series.
Topic 10, Humongous Insurance
Scenario:
You are an enterprise desktop support technician for Humongous Insurance.
Active Directory Configuration
The company has two offices named Office1 and Office2.
The network contains an Active Directory forest named humongousinsurance.com. An Active Directory site exists for each office. The sites are named Site1 and Site2.
Server Configuration
All servers run Windows Server 2008 R2 and are joined to the domain. The relevant servers are configured as shown in the following table:
The corporate security policy states that all domain controllers must have only the following roles:
AD DS
DNS server
DHCP server
Network Configuration
Site1 and Site2 connect to each other by using a WAN link.
Client Computer Configuration
All client computers run Windows 7 Enterprise and are members of the domain. Some client computers are portable computers and some are desktop computers. The computers do not support hardware virtualization.
All computers are configured to receive Windows Updates from WSUS1.
Remote Access Configuration
Users can connect to NPAS1 from the Internet by using all of the VPN protocols that are supported by Windows Server 2008 R2.
Fabrikam, Inc. is a customer of Humongous Insurance. Several Humongous Insurance users work at the Fabrikam office and access resources on the Humongous Insurance network by using direct VPN connections to NPAS1. Fabrikam contains several wireless access points.
Application Configuration
All computers in the finance department run a custom application suite named App1.
Several users in the sales department install an application named App2. App2 runs as a service and logs on by using the credentials of the user who installed the application.
Several users in the sales department report that their user accounts are locked out shortly after they change their user passwords.
You need to minimize the number of account lockouts that occur after the users change their passwords.
What should you instruct the users to do?
A. Delete all entries from the Credential Manager vault.
B. Change their passwords and then create a password reset disk.
C. Change their passwords and then configure App2 to log on by using a service account.
D. Change their passwords and then log off and log back on to their computers.
Answer: C
Q49. A client computers on your company network run Windows 7. Employees log on to their computers as Standard users.
There is a zero-day malicious software attack affecting your network. Employees receive User AccountControl (UAC) messages frequently requesting permission to elevate privileges. You know that this malicious software attack is responsible for these UAC prompts.
You need to ensure that employees are unable to provide elevated credentials.
What should you do?
A. Configure the Group Policy User Account Control: Only elevate executables that are signed and validated setting to Disabled.
B. Configure the Group Policy User Account Control: Switch to the secure desktop when prompting for elevation setting to Disabled.
C. Configure the Group Policy User Account Control: Behavior of the elevation prompt for standard users setting to Automatically deny elevation requests.
D. Configure the Group Policy User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode setting to Prompt for consent for non-Windows binaries.
Answer: C
Q50. This is the first in a series of questions that all present the same scenario. For your convenience, the scenario is repeated in each question. Each presents a different goal and answer choices, but the text of the scenario is exactly the same in each in this series.
Topic 2, City Power & Light
Scenario:
You are an enterprise desktop support technician for City Power & Light.
City Power & Light is a utility company. The company has a main office and a branch office. The main office is located in Toronto. The branch office is located in Boston. The main office has 1,000 employees. The branch office has 10 employees.
Active Directory Configuration
The network contains a single Active Directory domain named cpandl.com. The functional level of the forest is Windows Server 2008 R2.
Server Configuration
All servers run Windows Server 2008 R2. The relevant servers in the main office are configured as shown in the following table:
All computers in the main office are configured to use DHCP. All computers in the branch office are configured to use static IP addresses.
User Information
All user accounts are standard user accounts.
All client computers run Windows 7 Enterprise.
Each portable computer has a PPT P-based VPN connection to the internal network.
Corporate Security Guidelines
All users must be granted the least privileges possible.
All locally stored documents must be encrypted by using Encrypting File System (EFS).
The hard disk drives on all port able computers must be encrypted by using Windows BitLocker Drive
Encryption (BitLocker).
All encryption certificates must be stored on smart cards.
The company is deploying a new application.
When users attempt to install the application, they receive an error message indicating that they need administrative privileges to install it.
You need to recommend a solution to ensure that users can install the application. The solution must adhere to the corporate security guidelines.
What should you recommend?
A. Publish the application by using a Group Policy.
B. Disable User Account Control (UAC) by using a Group Policy.
C. Add all domain users to the local Power Users group by using Restricted Groups.
D. Add the current users to the local Administrators group by using Group Policy preferences.
Answer: A