Q1. A company has computers running Windows 7 Enterprise. Connections to the company's wireless network are filtered by MAC address.

The company purchases a new computer that must be connected to the wireless network.

You need to recommend all the commands that discover the MAC address of the new computer's wireless network adapter.

Which commands should you recommend? (Choose all that apply.)

A. getmac /v

B. ipconfig /all

C. netstat

D. ipconfig

E. ipconfig / allcompartments

View Answer

Q2. This is the first in a series of questions that all present the same scenario. For your convenience, the scenario is repeated in each question. Each presents a different goal and answer choices, but the text of the scenario is exactly the same in each in this series.

Topic 2, City Power & Light

Scenario:

You are an enterprise desktop support technician for City Power & Light.

City Power & Light is a utility company. The company has a main office and a branch office. The main office is located in Toronto. The branch office is located in Boston. The main office has 1,000 employees. The branch office has 10 employees.

Active Directory Configuration

The network contains a single Active Directory domain named cpandl.com. The functional level of the forest is Windows Server 2008 R2.

Server Configuration

All servers run Windows Server 2008 R2. The relevant servers in the main office are configured as shown in the following table:

All computers in the main office are configured to use DHCP. All computers in the branch office are configured to use static IP addresses.

User Information

     All user accounts are standard user accounts.

     All client computers run Windows 7 Enterprise.

     Each portable computer has a PPT P-based VPN connection to the internal network.

Corporate Security Guidelines

     All users must be granted the least privileges possible.

     All locally stored documents must be encrypted by using Encrypting File System (EFS).

     The hard disk drives on all port able computers must be encrypted by using Windows BitLocker Drive  

          Encryption (BitLocker).

     All encryption certificates must be stored on smart cards.

The company is deploying a new application.

When users attempt to install the application, they receive an error message indicating that they need administrative privileges to install it.

You need to recommend a solution to ensure that users can install the application. The solution must adhere to the corporate security guidelines.

What should you recommend?

A. Publish the application by using a Group Policy.

B. Disable User Account Control (UAC) by using a Group Policy.

C. Add all domain users to the local Power Users group by using Restricted Groups.

D. Add the current users to the local Administrators group by using Group Policy preferences.

View Answer

Q3. All client computers on your company network run Windows 7.

The preview displayed in the Content view of Windows Explorer and the Search box is considered a security risk by your company.

You need to ensure that documents cannot be previewed in the Content view.

What should you do?

A. Change the Windows Explorer view to the List view and disable all Search indexes.

B. Set Group Policy to enable the Remove See More Results/Search Everywhere link setting.

C. Set Group Policy to enable the Turn off the display of snippets in Content view mode setting.

D. Set Group Policy to enable the Turn off display of recent search entries in the Windows Explorer search box setting.

View Answer

Q4. A corporate environment includes 10,000 client computers running Windows 7 Enterprise. The client computers are joined to an Active Directory Domain Services (AD DS) domain named contoso.com. DNS is the preferred name-resolution protocol. There have been no recent changes to the DNS entries. WINS is not running in the environment. When most users attempt to connect to pc01.contoso.com from their client computers, the URL resolves to the incorrect IP address. The URL resolves correctly from only one client computer. On the client computers experiencing the issue, the HOSTS file does not include an entry for pc01.contoso.com. You need to recommend an approach for resolving pc01.contoso.com correctly from all client computers. What is the best approach to achieve the goal? (More than one answer choice may achieve the goal. Select the BEST answer.)

A. Run the ipconfig /flushdns command from the client computers experiencing the issue.

B. Add a pc01 entry pointing to the correct IP address to the LMHOSTS file on each of the client computers experiencing the issue.

C. Add a pc01.contoso.com entry pointing to the correct IP address to the HOSTS file on each of the client computers experiencing the issue.

D. Run the ipconfig /registerdns command from PC01.

View Answer

Q5. The help desk reports that users receive a security warning message when they try to access the internal Web site shown in the exhibit:

The help desk confirms that users never received this security warning message before.

You need to provide a solution to prevent users from receiving the security warning when they try to access the internal Web site.

What should you do?

Exhibit:

A. Instruct the users to download the certificate of the Web server.

B. Instruct the users to download a new certificate revocation list (CRL).

C. Request that a domain administrator renew the Web server SSL certificate.

D. Request that a domain administrator renew the user authentication certificates for all users.

View Answer

Q6. You need to troubleshoot the remote access issues in the Beijing office.

What should you configure? (Choose all that apply.)

A. the network test resources for DirectAccess Connectivity Assistant (DCA)

B. the external DNS servers to use for name resolution

C. the internal DNS servers to use for name resolution

D. the IPv6 addresses of all DirectAccess servers

E. the IPv4 addresses of all DirectAccess servers

View Answer

Q7. All client computers on your company network run Windows 7. The computers are members of a Windows Server 2008 R2 domain.

You need to ensure that data stored on removable drives is encrypted.

What should you do?

A. Set the Removable Disks:Deny write access option by using Group Policy.

B. Set the Control use of BitLocker on removable drives option to Allow users to apply BitLocker on removable drives by using Group Policy.

C. Set the Configure use of passwords for removable data drives option to Require password for removable data drive by using Group Policy.

D. Enable the Deny write access to removable drives not protected by BitLocker option by using Group Policy.

View Answer

Q8. All client computers on a company's network run Windows 7 and are members of an Active Directory Domain Services (AD DS) domain. Company policy requires that all unnecessary services be disabled on the computers.

The Sales department staff has been provided with new wireless adapters that use the IEEE 802.11n technology.

You need to ensure that portable computers can connect to wireless networks.

Which service should be running on the portable computers?

A. WWAN AutoConfig

B. Computer Browser

C. Portable Device Enumerator Service

D. WLAN AutoConfig

View Answer

Q9. All client computers on your company network were recently migrated from Windows XP to Windows 7.

Your company uses a proprietary application that is currently not compatible with Windows 7. A shim has been created and applied to mitigate compatibility issues until a Windows 7-compatible version is developed.

A security update is made for this application. The update must be tested and then deployed as a new version of the application.

During testing you are unable to install the application.

You need to ensure that the application can be installed in the test environment before it can be deployed to the production environment.

What should you do?

A. Disable UAC prompts.

B. Run the .msi file from an elevated command prompt.

C. Modify the shim to apply to all versions of the application.

D. Modify the shim to apply only to the new version of the application.

View Answer

Q10. Members of the Sales Support team must contact the help desk to have their AD DS user accounts unlocked.

You need to recommend a solution to ensure that user accounts for members of the Sales Support team are automatically unlocked 10 minutes after becoming locked.

What should you recommend?

A. Create a new Group Policy object with a different account lockout policy and link it to the domain.

B. Modify the Unlock Account options for the members of the Sales security group.

C. Create a fine-grained password policy with a different account lockout policy and apply it to the Sales security group.

D. Modify the Account Properties Options properties for the members of the Sales security group.

View Answer