Q1. All client computers on your company network run Windows 7 and are members of a Windows Server 2008 R2 domain. The R&D department staff are local administrators on their computers and are members of the R&D global security group.
A new version of a business software application is available on the network.
You plan to apply an AppLocker security policy to the R&D group.
You need to ensure that members of the R&D group are not allowed to upgrade the software.
What should you do?
A. Create an Audit only restriction based on the version of the software.
B. Create an Audit only restriction based on the publisher of the software.
C. Create an Enforce rule restriction based on the version of the software.
D. Create an Enforce rule restriction based on the publisher of the software.
Answer: C
Q2. Your network contains a wired network and a wireless network.
Users report that they experience intermittent problems accessing network resources when they connect to the internal wireless network.
You discover that an unsecured rogue wireless access point uses the same Service Set Identifier (SSID) as the internal wireless network.
You need to ensure that the users only connect to the internal wireless network.
What should you do?
A. Configure a Windows Connect Now Group Policy.
B. Configure a Wireless Network (IEEE 802.11) Policy.
C. Delete the rogue network from the Network and Sharing Center on each computer.
D. Create a Connection Manager Administration Kit (CMAK) profile and deploy it to all users.
Answer: B
Q3. The users on your network have portable computers that run Windows 7 Ultimate.
Some users report that the batteries on their computers lose their charge faster than before.
You need to identify which batteries to replace.
What should you do?
A. From each computer, run Powercfg.exe.
B. From each computer, run Windows Resource Monitor.
C. From a network server, run MSConfig.exe.
D. From a network server, run System Information.
Answer: A
Q4. All computers on your company network run Windows 7.
Several support requests have been made by employees who have recently had hardware upgrades to their computers. Each request states that the employee's computer restarts automatically at random times.
You examine one of the computers and verify the following information:
Only approved applications and processes are run on the computer.
All updates to the operating system and applications have been applied to the computer.
No malicious software is found on the computer.
You need to find out why the computers are restarting automatically.
What should you do?
A. Run the Windows Memory Diagnostic tool.
B. Run the fixmbr command from the Recovery Console.
C. Run the fixboot command from the Recovery Console.
D. Run the Check for performance issues Control Panel tool.
Answer: A
Q5. Your company has a main office and a branch office. The network contains a single Active Directory domain. All servers and client computers are members of the domain.
A print server is located in the branch office. All other servers are located in the main office. All servers run Windows Server 2008 R2. All client computers run Windows 7.
Users in the branch office report poor performance when they access an intranet Web site in the main office.
You need to recommend changes to the network to improve the performance of intranet access by computers in the branch office.
What should you recommend implementing?
A. a VPN
B. BranchCache
C. HTTP redirect
D. WebDav
Answer: B
Q6. A company has new portable computers running Windows 7.
On one of the computers, the USB mouse cursor does not move. You connect the mouse to another computer, where it works correctly.
You need to recommend possible solutions to the problem.
What should you recommend? (Choose all that apply.)
A. Connect the mouse into a different USB port.
B. Enable the USB controller in the BIOS.
C. Disable the computer's trackpad.
D. Disable Hot Keys on the computer.
E. Turn on Mouse Keys.
Answer: ABC
Q7. A new printer is installed on FP1 and is shared as Printer1.
Users report that they receive an error when they try to connect to \\FP1\Printer1, and that after they click OK they are prompted for a printer driver.
The server administrator confirms that the printer is functioning correctly and that he can print a test page.
You need to ensure that users are able to connect to the new printer successfully. Your solution must minimize administrative effort.
What should you request?
A. an x86 printer driver be installed on FP1
B. the permissions be changed on the shared printer
C. a new Group Policy object (GPO) be created that includes a printer mapping for \\FP1\Printer1
D. the Devices: Prevent users from installing printer drivers setting in the Default Domain Policy be set to disabled
Answer: A
Q8. The help desk reports that users receive a security warning message when they try to access the internal Web site shown in the exhibit:
The help desk confirms that users never received this security warning message before.
You need to provide a solution to prevent users from receiving the security warning when they try to access the internal Web site.
What should you do?
Exhibit:
A. Instruct the users to download the certificate of the Web server.
B. Instruct the users to download a new certificate revocation list (CRL).
C. Request that a domain administrator renew the Web server SSL certificate.
D. Request that a domain administrator renew the user authentication certificates for all users.
Answer: C
Q9. Several mobile users access the Internet by using cellular connections.
The help desk reports a high volume of calls from mobile users who report the following connection problems:
When their cellular connections fail, their VPN connections also fail.
When their cellular connections are reestablished, they must manually connect to the VPN server.
You need to recommend a solution to ensure that the VPN connections are automatically reestablished.
What should you recommend?
A. Implement an IKEv2 VPN.
B. Implement an SSTP-based VPN.
C. Configure credential roaming.
D. Configure a Kerberos user ticket lifetime.
Answer: A
Q10. This is the first in a series of questions that all present the same scenario. For your convenience, the scenario is repeated in each question. Each presents a different goal and answer choices, but the text of the scenario is exactly the same in each in this series.
Topic 10, Humongous Insurance
Scenario:
You are an enterprise desktop support technician for Humongous Insurance.
Active Directory Configuration
The company has two offices named Office1 and Office2.
The network contains an Active Directory forest named humongousinsurance.com. An Active Directory site exists for each office. The sites are named Site1 and Site2.
Server Configuration
All servers run Windows Server 2008 R2 and are joined to the domain. The relevant servers are configured as shown in the following table:
The corporate security policy states that all domain controllers must have only the following roles:
AD DS
DNS server
DHCP server
Network Configuration
Site1 and Site2 connect to each other by using a WAN link.
Client Computer Configuration
All client computers run Windows 7 Enterprise and are members of the domain. Some client computers are portable computers and some are desktop computers. The computers do not support hardware virtualization.
All computers are configured to receive Windows Updates from WSUS1.
Remote Access Configuration
Users can connect to NPAS1 from the Internet by using all of the VPN protocols that are supported by Windows Server 2008 R2.
Fabrikam, Inc. is a customer of Humongous Insurance. Several Humongous Insurance users work at the Fabrikam office and access resources on the Humongous Insurance network by using direct VPN connections to NPAS1. Fabrikam contains several wireless access points.
Application Configuration
All computers in the finance department run a custom application suite named App1.
Several users in the sales department install an application named App2. App2 runs as a service and logs on by using the credentials of the user who installed the application.
Several users in the sales department report that their user accounts are locked out shortly after they change their user passwords.
You need to minimize the number of account lockouts that occur after the users change their passwords.
What should you instruct the users to do?
A. Delete all entries from the Credential Manager vault.
B. Change their passwords and then create a password reset disk.
C. Change their passwords and then configure App2 to log on by using a service account.
D. Change their passwords and then log off and log back on to their computers.
Answer: C