70-686 Exam
Top Best Quality 70-686 keys Tips!
Ucertify offers free demo for 70-686 exam. "Pro: Windows", also known as 70-686 exam, is a Microsoft Certification. This set of posts, Passing the Microsoft 70-686 exam, will help you answer those questions. The 70-686 Questions & Answers covers all the knowledge points of the real exam. 100% real Microsoft 70-686 exams and revised by experts!
Q51. Your company has a single Active Directory Domain Services (AD DS) domain and 1,000 Windows Vista computers.
You are planning to deploy Windows 7 and a custom application.
You have the following requirements:
. The application must be available to only a specific group of users.
. You must be able to monitor application usage.
You need to design a deployment method for the custom application that meets the requirements.
Which deployment method should you use in your design?
A. software installation in Group Policy
B. Microsoft Application Virtualization (App-V)
C. baseline Windows 7 image that includes the custom application
D. startup scripts in Group Policy
Answer: B
Explanation:
MS App-V thus allows centralized installation and management of deployed applications. It supports policy based access control; administrators can define and restrict access to the applications by certain users by defining policies governing the usage. App-V can require that applications not be run 'cached' from workstations, or require that 'cached' App-V applications routinely update license information from the App-V server, enforcing license compliance. These policies are centrally applied on the application repository. App-V also allows copy of the applications across multiple application servers for better scalability and fault tolerance, and also features a tracking interface to track the usage of the virtualized application. http://en.wikipedia.org/wiki/Microsoft_App-V
Q52. Your company’s network is shown in the following diagram.
All client computers are members of the contoso.com Active Directory Domain Services (AD DS) domain. Each network segment is represented by an AD DS site object that is named to match the network segment.
Your company plans to deploy Windows 7 to all client computers.
You need to manage the deployment to ensure that client computers in branch office C can activate Windows. What should you do?
A. Create a DNS service (SRV) resource record named _vlmcs._udp.BranchOfficeC._sites.contoso.com.
B. Deploy the Multiple Activation Key (MAK) in branch office C.
C. Deploy the Key Management Service (KMS) in branch office C.
D. Create a DNS service (SRV) resource record named _vlmcs._tcp.BranchOfficeC._sites.contoso.com.
Answer: B
Explanation:
Key Management Service (KMS) requires a count of 25 or higher from the KMS host to activate itself.
refer to http://technet.microsoft.com/en-us/library/ee939272.aspx
Q53. All client computers in your network run Windows 7 Enterprise.
You need to prevent all standard user accounts from running programs that are signed by a
specific publisher.
What should you do?
A. Use AppLocker application control policies. Create an Executable rule.
B. Use software restriction policies. Create a hash rule.
C. Use AppLocker application control policies. Create a Windows Installer rule.
D. Use software restriction policies. Create a path rule.
Answer: A
Explanation:
http://technet.microsoft.com/en-us/library/dd759068.aspx The AppLocker Microsoft Management Console (MMC) snap-in is organized into four areas called rule collections. The four rule collections are executable files, scripts, Windows Installer files, and DLL files. These collections give the administrator an easy way to differentiate the rules for different types of applications. Rule conditions are criteria that the AppLocker rule is based on. Primary conditions are required to create an AppLocker rule. The three primary rule conditions are publisher, path, and file hash.
Publisher - This condition identifies an application based on its digital signature and extended attributes. The digital signature contains information about the company that created the application (the publisher). The extended attributes, which are obtained from the binary resource, contain the name of the product that the application is part of and the version number of the application. The publisher may be a software development company, such as Microsoft, or the information technology department of your organization.
Path - This condition identifies an application by its location in the file system of the computer or on the network. AppLocker uses path variables for directories in Windows. File hash - When the file hash condition is chosen, the system computes a cryptographic hash of the identified file.
Q54. You have deployed a ConfigMgr site server at each site. You are planning to use PXE boot to deploy a new Windows 7 image. You need to deploy the image to all office locations. When you attempt to perform a PXE boot, it fails at each office location.
You need to prepare the infrastructure.
What should you do? (Choose all that apply.)
A. On each VLAN or subnet, create an IP helper for PXE that points to the PXE service point in each office.
B. Install a single PXE service point in the Los Angeles office.
C. On each VLAN or subnet, create an IP helper for PXE that points to the PXE service point in the Los Angeles office.
D. Install a PXE service point in each office.
E. Create a single IP helper for PXE that points to the DHCP server in the Los Angeles office.
F. Create a single IP helper for PXE that points to the DHCP server in each office.
Answer: C,D
Explanation:
This dump's question is not complete.
MS exam question mention Deployment share is only setup at los Angeles office.
one of question from testlets
Q55. DRAG DROP
You are the desktop architect for an enterprise organization with computers that run Windows 7.
You need to create a Group Policy object (GPO) to prevent Windows Explorer from starting until all logon scripts have finished.
Which setting should you select? To answer, select the appropriate setting in the work area.
Answer:
Q56. Your company has a single Active Directory Domain Services (AD DS) domain and 1,000 Windows 7 computers. You are planning to deploy a custom application. You need to schedule the deployment to occur outside of business hours and without user interaction. What should you do? (Choose all that apply.)
A. Create a collection with the required computers and assign the software to the collection.
B. Create a software installation Group Policy object (GPO).
C. Assign the policy to the root of the Active Directory Domain Services (AD DS) domain.
D. Create a software deployment package by using System Center Configuration Manager 2007.
E. Create an unattend.xml file.
F. Create a silent install MSI file.
Answer: A,D,F
Explanation:
hints: without user interaction = silent install MSI file
Q57. Your companys network has client computers that run Windows 7.
A software vendor releases version 2 of an application that your company uses. Your company currently uses version 1. Version 1 and version 2 are not compatible.
You plan to deploy version 2 of the application. You have the following requirements:
. Users must be able to run both versions of the application on their computers.
. Version 2 must be available when a client computer is not connected to the network.
You need to plan a software deployment process that meets the requirements. What should you do? (Choose all that apply.)
A. Deploy version 2 of the application by using Microsoft Application Virtualization (App-V).
B. Deploy version 2 of the application by using Microsoft Enterprise Desktop (MED-V).
C. Deploy version 2 of the application as a Remote Desktop Services RemoteApp.
D. Deploy version 2 of the application by using a Microsoft System Center Configuration Manager package.
Answer: A,B
Explanation:
Microsoft Application Virtualization (MS App-V) platform allows applications to be deployed in real-time to any client from a virtual application server. It removes the need for local installation of the applications. Instead, only the App-v client needs to be installed on the client machines. All application data is permanently stored on the virtual application server. Whichever software is needed is either streamed or locally cached from the application server on demand and run locally. The App-V stack sandboxes the execution environment so that the application does not make changes to the client itself (OS File System and/or Registry). App-V applications are also sandboxed from each other, so that different versions of the same application can be run under App-V concurrently. http://en.wikipedia.org/wiki/Microsoft_App-V
Q58. You upgrade all of an organization's client computers to Windows 7.
After the upgrade, a specific legacy application does not function correctly.
You need to generate a list of all the computers that have the legacy application installed.
Which two actions should you perform? (To answer, move the appropriate action from the
list of actions to the answer area and arrange them in the correct order.)
Answer:
Q59. A network has a single domain with 1,000 client computers that run Windows 7.
A large number of software installation scripts are configured to run on the client
computers.
You need to recommend a Group Policy setting that allows users to log on to their
computers as soon as possible at first boot.
What should you recommend?
Answer:
Q60. Your companys network includes client computers that run Windows 7.
You design a wireless network to use Extensible Authentication ProtocolCTransport Level
Security (EAP-TLS). The Network Policy Server has a certificate installed.
Client computers are unable to connect to the wireless access points.
You need to enable client computers to connect to the wireless network.
What should you do?
A. Install a certificate in the Trusted Root Certification Authorities certificate store.
B. Configure client computers to use Protected Extensible Authentication ProtocolCTransport Layer Security (PEAP-TLS).
C. Configure client computers to use Protected Extensible Authentication Protocol-Microsoft Challenge Handshake Authentication Protocol version 2 (PEAP-MS-CHAP v2).
D. Install a certificate in the Third-Party Root Certification Authorities certificate store.
Answer: A