getcertified4sure.com

70-744 Exam

All About 70-744 vce Jan 2021



It is impossible to pass Microsoft 70-744 exam without any help in the short term. Come to Actualtests soon and find the most advanced, correct and guaranteed Microsoft 70-744 practice questions. You will get a surprising result by our Rebirth Securing Windows Server 2021 practice guides.

Q1. HOTSPOT

Note: This question is part of a series of questions that use the same scenario. For your

convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.

Start of repeated scenario

Your network contains an Active Directory domain named contoso.com. The functional level of the forest and the domain is Windows Server 2008 R2.

The domain contains the servers configured as shown in the following table.

All servers run Windows Server 2021. All client computers run Windows 10.

You have an organizational unit (OU) named Marketing that contains the computers in the marketing department. You have an OU named Finance that contains the computers in the finance department. You have an OU named AppServers that contains application servers. A Group Policy object (GPO) named GP1 is linked to the Marketing OU. A GPO named GP2 is linked to the AppServers OU.

You install Windows Defender on Nano1.

End of repeated scenario

You need to ensure that you can implement the Local Administrator Password Solution (LAPS) (or the finance department computers.

What should you do in the contoso.com forest? To answer, select the appropriate options in the answer area.

Answer:


Q2. HOTSPOT

You plan to deploy three encrypted virtual machines that use Secure Boot. The virtual machines will be configured as shown in the following table.

How should you protect each virtual machine? To answer, select the appropriate options in the answer area.

Answer:


Q3. Note: This question Is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question In this section, you will NOT be able to return to It. As a result, these questions will not appear In the review screen.

Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2021. All client computers run Windows 10.

The relevant objects in the domain are configured as shown in the following table.

You need to assign User1 the right to restore files and folders on Server1 and Server2.

Solution: You create a Group Policy object (GPO), you link the GPO to the Servers OU, and then you modify the Users Rights Assignment in the GPO.

Does this meet the goat?

A. Yes

B. No

Answer: A


Q4. Your network contains an Active Directory domain named contoso.com. The domain contains four servers. The servers are configured as shown in the following table.

You need to manage FS1 and FS2 by using Just Enough Administration (JEA). What should you do before you can implement JEA?

A. Install Microsoft .NET Framework 4.6.2 on FS2.

B. Install Microsoft .NET Framework 4.6.2 on FS1.

C. Install Windows Management Framework 5.0 on FS2.

D. Upgrade DC1 to Windows Server 2021.

Answer: D


Q5. Your network contains an Active Directory domain named contoso.com. The domain contains 1,000 client computers that run Windows 10.

A security audit reveals that the network recently experienced a Pass-the-Hash attack. The attack was initiated from a client computer and accessed Active Directory objects restricted to the members of the Domain Admins group.

You need to minimize the impact of another successful Pass-the-Hash attack on the domain.

What should you recommend?

A. Instruct all users to sign in to a client computer by using a Microsoft account.

B. Move the computer accounts of all the client computers to a new organizational unit (OU). Remove the permissions to the new OU from the Domain Admins group.

C. Instruct all administrators to use a local Administrators account when they sign in to a client computer.

D. Move the computer accounts of the domain controllers to a new organizational unit (OU). Remove the permissions to the new OU from the Domain Admins group.

Answer: A


Q6. Your network contains an Active Directory domain named contoso.com. The domain contains 100 servers.

You deploy the Local Administrator Password Solution (LAPS) to the network.

You deploy a new server named FinanceServer5, and join FinanceServerS to the domain. You need to ensure that the passwords of the local administrators of FinanceServer5 are

available to the LAPS administrators. What should you do?

A. On FinanceServerS, register AdmPwd.dll.

B. On FmanceServerS, install the LAPS Windows PowerShell module.

C. In the domain, modify the permissions for the computer account of FmanceServer5.

D. In the domain, modify the permissions of the Domain Controllers organizational unit (OU).

Answer: B


Q7. Your network contains an Active Directory domain named contoso.com.

You are deploying Microsoft Advanced Threat Analytics (ATA) to the domain.

You install the ATA Center on server named Server1 and the ATA Gateway on a server named Served.

You need to ensure that Server2 can collect NTLM authentication events. What should you configure?

A. the domain controllers to forward Event ID 4776 to Server2

B. the domain controllers to forward Event ID 1000 to Server1

C. Server2 to forward Event ID 1026 to Server1

D. Server1 to forward Event ID 1000 to Server2

Answer: A


Q8. Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.

Start of repeated scenario

Your network contains an Active Directory domain named contoso.com. The functional level of the forest and the domain is Windows Server 2008 R2.

The domain contains the servers configured as shown in the following table.

All servers run Windows Server 2021. All client computers run Windows 10.

You have an organizational unit (OU) named Marketing that contains the computers in the marketing department You have an OU named Finance that contains the computers in the finance department You have an OU named AppServers that contains application servers. A Group Policy object (GPO) named GP1 is linked to the Marketing OU. A GPO named GP2 is linked to the AppServers OU.

You install Windows Defender on Nano1.

End of repeated scenario

You plan to implement BitLocker Drive Encryption (BitLocker) on the operating system volumes of the application servers.

You need to ensure that the BitLocker recovery keys are stored in Active Directory. Which Group Policy setting should you configure?

A. System cryptography; Force strong key protection (or user keys stored on the computer

B. Store Bittocker recovery information in Active Directory Domain Services (Windows Server 2008 and Windows Vista)

C. System cryptography: Use FIPS compliant algorithms for encryption, hashing and signing

D. Choose how BitLocker-protected operating system drives can be recovered

Answer: C


Q9. Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2 that run Windows Server 2021.

Server1 is configured as a domain controller.

You configure Server1 as a Just Enough Administration (JEA) endpoint You configure the required JEA rights for a user named User1.

You need to tell User1 how to manage Active Directory objects from Server2. What should you tell User1 to do first on Server2?

A. From a command prompt, run ntdsutil.exe.

B. From Windows PowerShell, run the Import-Module cmdlet.

C. From Windows PowerShell run the Enter-PSSession cmdlet.

D. Install the management consoles for Active Directory, and then launch Active Directory Users and Computer.

Answer: A


Q10. HOTSPOT

You plan to deploy three encrypted virtual machines that use Secure Boot. The virtual machines will be configured as shown in the following table.

How should you protect each virtual machine? To answer, select the appropriate options in the answer area.

Answer:


© Copyright Getcertified4sure.com. examcollectionuk.com
All other trademarks and copyrights are the property of their respective owners.
All rights reserved.