aiotestking uk

70-686 Exam Questions - Online Test


70-686 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Q1. Your company has a single Active Directory Domain Services (AD DS) domain and 1,000 Windows 7 computers. 

You are planning to deploy a custom application. 

You need to schedule the deployment to occur outside of business hours and without user interaction. 

Which deployment method should you choose? 

A. Lite Touch Installation 

B. software deployment with Microsoft System Center Configuration Manager 2007 

C. software installation with Group Policy 

D. Microsoft Application Virtualization (App-V) 

Answer:

Explanation: 

Microsoft System Center Configuration Manager 2007 able to set schedule to deploy (text book) hints: without user interaction = zero touch 

Q2. Your company’s network has client computers that run Windows 7. 

When a user attempts to log on to the domain from a computer named Client1, she receives the following message: The system cannot log you on to this domain because the system's computer account in its primary domain is missing or the password on that account is incorrect. 

You need to ensure that the user can log on to the domain from Client1. 

What should you do? 

A. Disjoin and rejoin Client1 to the domain. 

B. Reset the account password for Client1 through Active Directory Users and Computers. 

C. Add the computer account for Client1 to the Domain Computers Active Directory group. 

D. Reset the account password for the user through Active Directory Users and Computers. 

Answer:

Explanation: 

Re-create the computer account, join a workgroup, and then rejoin the domain. 

refer to http://support.microsoft.com/kb/810497 

Q3. You are deploying Windows 7 Enterprise and Microsoft Office to client computers. 

The deployment must meet the following requirements: 

Deploy Windows 7 Enterprise to all client computers. 

Deploy Office 2007 Professional to client computers in the Munich office. 

Deploy Office 2010 Professional to client computers in the Madrid office. 

Automate the deployment to minimize administrative effort. 

You need to recommend a deployment solution that meets the requirements. 

What should you recommend? 

A. Create a single Windows 7 Enterprise Edition image. Deploy the image that installs Office by using a task sequence that checks for the account used for deployment. 

B. Create a single Windows 7 Enterprise Edition image. Deploy the image that installs Office by using a Group Policy object based on the user who is logged in. 

C. Create a Windows 7 Enterprise Edition image with Office 2007 installed. Create a second Windows 7 Enterprise Edition image with Office 2010 installed. 

D. Create a single Windows 7 Enterprise Edition image. Deploy the image that installs Office by using a task sequence that checks for the Organizational Unit of the client computer. 

Answer:

Explanation: 

AppLocker (a set of Group Policy settings that evolved from Software Restriction Policies, to restrict which applications can run on a corporate network, including the ability to restrict based on the application's version number or publisher) http://en.wikipedia.org/wiki/Features_new_to_Windows_7 

Q4. You have a single Active Directory domain. All domain controllers run Windows Server 2003 with Service Pack 1 (SP1). 

You plan to store Windows BitLocker Drive Encryption recovery passwords in Active Directory. 

You need to recommend the solution that uses the least amount of administrative effort. 

What should you recommend? 

A. Upgrade the domain controller that has the role of operations master to Windows Server 2008 R2. 

B. Upgrade all domain controllers to Windows Server 2008 R2. 

C. Upgrade all domain controllers to Windows Server 2003 SP2. 

D. Extend the Active Directory schema. 

Answer:

Explanation: 

BitLocker Drive Encryption Configuration Guide: Backing Up BitLocker and TPM Recovery Information to Active Directory 

This section provides information about how BitLocker and TPM recovery information can be backed up in Active Directory. By default, no recovery information is backed up. Administrators can configure Group Policy settings to enable backup of BitLocker or TPM recovery information. Before configuring these settings, as a domain administrator you must ensure that the Active Directory schema has been extended with the necessary storage locations and that access permissions have been granted to perform the backup. http://technet.microsoft.com/en-us/library/cc766015(v=ws.10).aspx 

Q5. You are planning a zero-touch deployment of Windows 7 Enterprise to client computers on your corporate network. 

Each client computer has three available boot methods: 

boot from the network by using PXE 

boot from USB media 

boot from the local hard disk 

You have the following requirements: 

Set the boot method for a zero-touch deployment. 

Ensure that client computers that fail on deployment can be manually configured. 

You need to design a zero-touch deployment strategy that supports the requirements. 

What should you do? 

A. Remove USB media and local hard disk from the available boot methods 

B. Remove USB media and network from the available boot methods 

C. Set network as the first boot method, USB media as the second boot method, and local hard disk as the third boot method 

D. Set USB media as the first boot method and local hard disk as the second boot method. Remove network from the available boot methods 

Answer:

Explanation: 

hints: zero-touch deployment of Windows 7 Enterprise to client computers on your corporate network so, set network as 1st boot. 

Q6. A server runs Windows Server 2008 P2 with Remote Desktop Services (RDS). 

You add an application to Remote Desktop RemoteApp. 

You need to ensure that the application can be published by using Group Policy. 

Which setting should you select? To answer, select the appropriate setting or settings in 

the work area. 

Answer:  

Q7. HOTSPOT 

Active Directory Domain Services (AD OS) is running on windows Server 2008 R2. 

. All user objects are located in the Boston Users Organizational Unit (OU) or the San Diego Users OU. 

. All client computer objects are in the Boston Computers OU or in the San Diego Computers OU. 

. All domain controller computer objects are in their default location. 

You decide to audit changes to AD DS. 

Administrative users in San Diego add new users to the domain without approval. You configure the audit policy settings in the San Diego Policy Group Policy object (GPO) and set up auditing in object System Access Control Lists, YOU verify that the GPO is being applied to the resources in the San Diego OUs, but auditing still does not work. 

You need to select the GPO to ensure that users added by the San Diego administrative users are audited. 

Which GPO should you select? To answer, select the appropriate setting or settings in the work area. 

Answer:  

Q8. Your company has an Active Directory Domain Services (AD DS) forest with a single domain. The domain, organizational unit (OU), and Group Policy object (GPO) design is shown in the following diagram. 

The NY Computers OU contains client computers that run either Windows Vista Enterprise or Windows 7 Enterprise. The New York Computers GPO defines software restriction policies (SRPs). 

You have the following requirements: 

SRPs must be used for only Windows Vista Enterprise client computers. 

AppLocker policies must be used for only Windows 7 Enterprise client computers. 

AppLocker policies must be defined by using Group Policy. 

You need to design an AppLocker deployment that meets these requirements. 

What should you do? 

A. Create a new GPO that has the AppLocker settings, and link it to the NY Users OU. 

B. Define the AppLocker settings in the New York Baseline GPO. 

C. Define the AppLocker settings in the New York Users GPO. 

D. Create a new GPO that has the AppLocker settings, and link it to the NY Computers OU. 

Answer:

Q9. Your company has client computers that run Windows Vista and client computers that run Windows 7. The client computers connect directly to the Microsoft Update Web site once per week and automatically install all available security updates. 

Microsoft releases a security update for Windows 7. 

You have the following requirements: 

. Create a report of all Windows 7 computers that are currently connected to the network and that do not have the security update installed. 

. Use the least amount of administrative effort. 

You need to manage the software update process to meet the requirements. 

What should you do? 

A. Deploy Microsoft Windows Server Update Services (WSUS). Approve the security update for installation, and force a detection cycle on the client computers. 

B. Deploy Microsoft Windows Server Update Services (WSUS). Approve the security update for detection, and force a detection cycle on the client computers. 

C. Use the Microsoft Baseline Configuration Analyzer (MBCA) to scan the client computers. 

D. Use the Microsoft Baseline Security Analyzer (MBSA) to scan the client computers. Configure MBSA to use the Microsoft Update site catalog. 

Answer:

Explanation: 

Microsoft Baseline Security Analyzer Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool designed for the IT professional that helps small- and medium-sized businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Improve your security management process by using MBSA to detect common security misconfigurations and missing security updates on your computer systems. 

http://technet.microsoft.com/en-us/security/cc184924 

Q10. You need to recommend a Microsoft Enterprise Desktop Visualization (MED-V) image update strategy to meet company requirements. 

What should you recommend? 

A. windows Update 

B. Windows Intune 

C. ConfigMgr 

D. Windows Deployment Services (WDS) 

Answer: