70-685 Exam
How Does Actualtests Microsoft 70-685 answers Work?
we provide 100% Guarantee Microsoft 70-685 actual test which are the best for clearing 70-685 test, and to get certified by Microsoft Pro: Windows 7, Enterprise Desktop Support Technician. The 70-685 Questions & Answers covers all the knowledge points of the real 70-685 exam. Crack your Microsoft 70-685 Exam with latest dumps, guaranteed!
Q1. This is the first in a series of questions that all present the same scenario. For your convenience, the scenario is repeated in each question. Each presents a different goal and answer choices, but the text of the scenario is exactly the same in each in this series.
Topic 13, Enterprise Company
Scenario:
Background
You are the desktop support technician for an Enterprise Company. The company offices, sizes, and platforms are shown in the following table:
Software Environment
The company has a single Active Directory Domain Services (AD DS) forest with one domain. All domain controllers run Windows Server 2008 R2. The forest and domain functional levels are set to Windows Server 2008 R2.
The company outsources sales support to a third party.
Each member of the Sales Support team has an AD DS user account in a global security group named Sales.
The Sales security group and the AD DS user accounts for the Sales Support team reside in an organizational unit (OU) named Sales Support.
Members of the Sales Support team do not use domain-joined client computers.
With the exception of the Sales Support team, all user accounts reside in an OU named Employees.
All client computers reside in an OU named Client Computers.
A global security group named Accounting contains users with domain accounts. They use portable computers running Windows 7 that are joined to the domain.
The company uses DirectAccess for remote access connectivity. Windows 7 domain-joined computers have been configured to use DirectAccess.
The company uses Microsoft Exchange and Outlook Web App (OWA) for email and collaboration. The company has enabled password reset through OWA.
The company uses AppLocker to prevent users from running certain programs. AppLocker rules are defined at the domain-level in the Corp Group Policy object (GPO). Corp GPO only contains AppLocker policy settings.
Wireless Requirements
The company has wireless access points (WAPs) that provide wireless connectivity at some locations. The company uses a GPO named WiFi to enforce wireless security. The WiFi GPO is linked to the domain.
The company mandates that all domain-joined computers must connect to corporate WAPs automatically. The company's 802.1 X authentication server must be used for client computer connections to the WAP.
Visitors and contractors are unable to connect to the corporate wireless network.
Management has mandated that a guest wireless network be established that meets the following criteria:
Users should not have to provide credentials.
Maximize wireless network performance.
Minimize administrative overhead.
Data Protection Environment
Full system backups are performed on client computers on Sundays with one week of retention.
All client computers are configured with System Protection settings to restore only previous versions of files.
The company's help desk technicians spend a significant amount of time researching whether remote access issues are related to the corporate network or to Accounting group users' Internet connectivity.
You need to recommend a solution that minimizes time spent indentifying the cause of the remote access issues.
What should you recommend?
A. Deploy the DirectAccess Connectivity Assistant on the Accounting group's portable computers.
B. Deploy the DirectAccess Connectivity Assistant on the help desk technicians' computers.
C. Enable Windows Firewall logging on DirectAccess servers.
D. Enable Windows Firewall logging on the portable computers.
Answer: A
Q2. Each day, 100 users in Office2 download a 5-MB product catalog file from a share on Server1.
The network administrator reports that the downloads cause an excessive load on the WAN link between Office1 and Office2.
You need to recommend a solution to minimize WAN utilization. The solution must not require that additional servers be deployed.
What should you recommend?
A. BranchCache in distributed cache mode
B. BranchCache in hosted cache mode
C. Distributed File System Replication (DFSR)
D. File Server Resource Management (FSRM)
Answer: A
Q3. All client computers on your company network run Windows 7 and all servers on your company network run Windows Server 2008. The computers and the servers are members of an Active Directory Domain Services domain. A network administrator moves the Internet Information Services (IIS) server to a different network segment and configures the appropriate network settings.
Employees are unable to connect to the IIS server.
You confirm that the network settings are appropriate.
You need to ensure that all employees are able to connect to the IIS server.
What should you do?
A. Restart the DNS Client service on the DNS servers.
B. Restart the DNS Server service on the DNS servers.
C. Run the nbtstat r command on the employees' computers.
D. Run the ipconfig /flushdns command on the employees' computers.
Answer: D
Q4. All client computers on your company network run Windows 7. Employees use Windows Internet Explorer 8 to access Web sites. You discover that some computers are infected with malicious software.
Employees are able to access Web sites that might have been compromised by malicious software.
You need to configure the settings in Internet Explorer 8 to prevent malicious software from being installed on the computers.
What should you do?
A. Configure Popup Blocker.
B. Configure SmartScreen Filter.
C. Add the sites to the Local intranet zone.
D. Add company-approved Web sites to the Compatibility View List.
Answer: B
Q5. All client computers on your company network were recently upgraded from Windows Vista to windows 7.
Several employees use a scanner to import document images into a database. They install a new scanning application on their computers. The application updates the device driver for the scanners as part of the installation process.
Employees report that the application can no longer connect to the scanner.
You need to ensure that the employees can use the scanner.
What should you do?
A. Roll back the device driver to the previous version.
B. Reinstall the application in Windows Vista compatibility mode.
C. Set the application compatibility properties to run the application as an administrator.
D. Restart the computer by using the System Configuration tool to load only basic devices and services.
Answer: A
Q6. One of the company's client computers is configured with the company's System Protection settings. That computer becomes unresponsive. You run a system restore on the computer.
The system restore does not restore the computer system settings.
You need to ensure that all future system restores for the computer include system settings.
You reimage the client computer with the company's corporate image.
What should you do next?
A. Modify the System Protection properties for the C volume
B. Create a new system restore point
C. Modify the Shadow Copies properties for the C volume
D. Create a new critical volume backup
Answer: A
Q7. When visiting certain websites, users receive a message in Internet Explorer.
The message is shown in the exhibit:
You need to ensure that the Internet Explorer settings for all client computers follow company requirements.
What should you modify in Group Policy?
Exhibit:
A. Enable the Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Turn on Protected Mode setting.
B. Disable the Internet Explorer\Internet Control Panel\Prevent ignoring certificate errors setting.
C. Enable the Internet Explorer\Internet Control Panel\Prevent ignoring certificate errors setting.
D. Disable the Windows Components\Windows Error Reporting\Disable Windows Error Reporting setting.
E. Enable the Windows Components\Windows Error Reporting\Disable Windows Error Reporting setting.
F. Enable the Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Do not prompt for client certificate selection when no certificate or only one certificate setting.
Answer: C
Q8. All client computers on your company network run Windows 7. Your company has a Windows Server2008 domain.
You plan to use Group Policy to enable BitLocker Drive Encryption (BDE).
You need to ensure that the following requirements are met:
All BitLocker recovery keys are stored in a central location.
Data is encrypted only after a backup of the recovery key is available.
What should you do?
A. Run the manage-bde -on -ForceRecovery command.
B. Enable the Choose default folder for recovery password setting.
C. Enable the Store BitLocker recovery information in Active Directory Domain Services setting.
D. Enable the Choose how users can recover BitLocker encrypted drives setting. Set the 256-bit recovery key to Require recovery password.
Answer: C
Q9. This is the first in a series of questions that all present the same scenario. For your convenience, the scenario is repeated in each question. Each presents a different goal and answer choices, but the text of the scenario is exactly the same in each in this series.
Topic 3, A. Datum Corporation
Scenario:
You are an enterprise desktop support technician for A. Datum Corporation.
Active Directory Configuration
The company has three offices. The offices are configured as shown in the following table:
Wireless Network
A wireless network is implemented in the main office. The wireless network is configured to use WPA2-Enterprise security.
Client Configuration
All client computers run Windows 7 Enterprise and are configured to use DHCP.
Windows Firewall is disabled on all client computers.
All computers in the research department have Windows XP Mode and Windows Virtual PC installed.
You deploy a custom Windows XP Mode image to the research department computers.
An application named App1 is installed in the image.
Each research department computer has the following hardware:
4-GB of RAM
Intel Core i7 processor
500-GB hard disk drive
Corporate Security Policy
The corporate security policy includes the following requirements:
Users without domain accounts must be denied access to internal servers.
All connections to the company's wireless access points must be encrypted.
Only employees can be configured to have user accounts in the Active Directory domain.
The hard disk drives on all portable computers must be encrypted by using Windows BitLocker Drive Encryption (BitLocker).
Users in the research department report that they cannot run App1 or Windows XP Mode.
You need to ensure that all research department users can run App1. You need to achieve this goal by using the minimum amount of administrative effort.
What should you do?
A. Approve all Windows 7 updates on WSUS1.
B. Enable hardware virtualization on the research department computers.
C. Give each member of the research department a computer that has an Intel Core i5 processor.
D. Request that a domain administrator create a GPO that configures the Windows Remote Management (WinRM) settings.
Answer: B
Q10. This is the first in a series of questions that all present the same scenario. For your convenience, the scenario is repeated in each question. Each presents a different goal and answer choices, but the text of the scenario is exactly the same in each in this series.
Topic 1, Consolidated Messenger
Scenario:
You are an enterprise desktop support technician for Consolidated Messenger.
Network Configuration
The company has three offices named Office1, Office2, and Office3. The offices connect to each other over the Internet by using VPN connections. Each office has an 802.11g wireless access point. All wireless access points are configured to use Radius01 for authentication.
Active Directory Configuration
The network contains one Active Directory domain named consolidatedmessenger.com. The relevant organizational unit structure is shown in the following diagram:
Client Configuration
Each office has 500 desktop computers that run Windows 7 Enterprise.
There are 250 mobile users that travel regularly between all three offices. The mobile users have laptop computers that run Windows 7 Enterprise.
To prevent the spread of malware, the company restricts the use of USB devices and only allows the use of approved USB storage devices.
Printers
The marketing group has several printers that are shared on File01. A shared printer name Printer1 is a high-performance, black-and-white printer. A shared printer named Printer2 is a high-definition, photo-quality, color printer. Printer2 should only be used to print marketing brochures.
The chief financial officer (CFO) releases new guidelines that specify that only users from Finance are allowed to run FinanceApp1.
Users in the Marketing OU report that they can run FinanceApp1.
You need to ensure that only users in the Finance OU can run FinanceApp1.
What should you do?
A. In the AllComputers GPO, create a new AppLocker executable rule.
B. In the Desktops GPO and the Laptops GPO, create a new Windows Installer rule.
C. In the AllComputers GPO, create a software restriction policy and define a new hash rule.
D. In the Desktops GPO and the Laptops GPO, create a software restriction policy and define a new path rule.
Answer: A