December/2019 Braindump2go 70-744 Exam Dumps with PDF and VCE New Updated Today! Following are some new 70-744 Exam Questions,
New Question
Your network contains an Active Directory forest named Corp. The forest functional level is Windows Server 2016.
You deploy a new forest named Priv and set the forest functional level to Windows Server 2016.
You need to implement Privileged Access Management (PAM).
What should you do next?
A. Install Microsoft Identity Manager (MIM) on a server in the Priv forest.
B. Install Microsoft Identity Manager (MIM) in the Corp forest.
C. Create shadow accounts in the Priv forest.
D. Create shadow accounts in the Corp forest.
Answer: C
Explanation:
https://www.petri.com/windows-server-2016-set-privileged-access-management
New Question
Your network contains an Active Directory forest named contoso.com. You deploy another Active Directory forest named admin.contoso.com.
You create a trust relationship between the two forests. The trust relationship has the following configurations:
– SID history is disabled
– SID filtering is disabled
You need to implement Privileged Access Management (PAM) and to specify admin.contoso.com as an administrative forest. What should you do?
A. Run netdom.exe and specify the /quarantine switch.
B. Enable SID filtering on the trust.
C. Run netdom.exe and specify the /transitive switch.
D. Enable SID history on the trust.
Answer: C
Explanation:
https://www.petri.com/windows-server-2016-set-privileged-access-management
New Question
Your network contains an internal network and a perimeter network. The internal network contains an Active Directory forest named contoso.com.
You deploy five servers to the perimeter network. All of the servers run Windows Server 2016 and are the members of a workgroup.
You need to apply a security baseline named Perimeter.inf to the servers in the perimeter network.
What should you use to apply Perimeter.inf?
A. Security Configuration and Analysis
B. Group Policy Management
C. System Configuration
D. Server Manager
Answer: A
Explanation:
https://4sysops.com/archives/security-compliance-manager-deploy-baselines/#deploy-a-baseline-to-a-workgroup-server
New Question
You have a Hyper-V host named Server1 that runs Windows Server 2016.
Server1 has a generation 2 virtual machine named VM1 that runs Windows 10.
You need to ensure that you can turn on BitLocker Drive Encryption (BitLocker) for drive C on VM1.
What should you do?
A. From the settings of VM1, configure Integration Services
B. From Server1, configure the Enforce drive encryption type on fixed data drives Group Policy setting.
C. From the settings of VM1, enable a Trusted Platform Module(TPM).
D. From the settings of VM1, enable Secure Boot.
Answer: C
Explanation:
https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/learn-more/generation-2-virtual-machine-security-settings-for-hyper-v
New Question
You have a server named Server1 that runs Windows Server 2016.
Windows Defender on Server1 has the following configurations.
Server1 has the following files:
C:\Folder1\File1.exe
C:\Folder2\File2.bat
C:\Folder2\File3.com
Which files will be scanned for malware?
A. File1.exe and File3.com only
B. File2.bat only
C. File1.exe, File2.bat, and File3.com
D. File1.exe only
E. File2.bat and File3.com only
F. File3.com only
Answer: E
Explanation:
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus
New Question
You have a Host Guardian Service (HGS) and a guarded host.
You have a VHDX file that contains an image of Windows Server 2016.
You need to provision a virtual machine by using a shielded template.
Which three files should you create? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. a TPM baseline policy file
B. a TPM identifier file
C. a shielding data .pdk file
D. a signature for the .vhdx file
E. an unattended.xml file
Answer: CDE
Explanation:
https://docs.microsoft.com/en-us/windows-server/security/guarded-fabric-shielded-vm/guarded-fabric-create-a-shielded-vm-template
https://docs.microsoft.com/en-us/windows-server/security/guarded-fabric-shielded-vm/guarded-fabric-tenant-creates-shielding-data
New Question
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You deploy Windows Server 2016 to a server named Server1.
You need to ensure that you can run Windows Containers on Server1.
Solution: On server1, you install the DockerMsftProvider PowerShell and the Docker package. You restart the server.
Does this meet the goal?
A. Yes
B. No
Answer: A
Explanation:
https://docs.microsoft.com/en-us/virtualization/windowscontainers/deploy-containers/deploy-containers-on-server
New Question
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contain an Active Directory domain named contoso.com. The domain contains a computer named Computer1 that runs Windows 10. Computer1 connects to a home network and a corporate network.
The corporate network uses the 172.16.0.0/24 address space internally.
Computer1 runs an application named App1 that listens to port 8080.
You need to prevent connections to App1 when Computer1 is connected to the home network.
Solution: From Windows Firewall with Advanced Security, you create an inbound rule.
Does this meet the goal?
A. Yes
B. No
Answer: A
Explanation:
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd421709(v=ws.10)#what-is-an-inbound-rule
New Question
You work for a hosting company named Contoso, Ltd.
Contoso has multiple Hyper-V hosts that run Windows Server 2016.
You are configuring Software Defined Networking (SDN).
You need to configure Datacenter Firewall to control the traffic to virtual machines.
Which cmdlet should you use?
A. Set-Acl
B. Grant-VMConnectAccess
C. New-NetworkControllerAccessControlList
D. New-NetFirewallRule
Answer: C
Explanation:
https://docs.microsoft.com/en-us/windows-server/networking/sdn/manage/configure-datacenter-firewall-acls
https://docs.microsoft.com/en-us/powershell/module/networkcontroller/new-networkcontrolleraccesscontrollist?view=win10-ps
New Question
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain named contoso.com. All client computers run Windows 10.
You plan to deploy a Remote Desktop connection solution for the client computers.
You have four available servers in the domain that can be configured as Remote Desktop servers. The servers are configured as shown in the following table.
You need to ensure that all Remote Desktop connections can be protected by using Remote Credential Guard.
Solution: You deploy the Remote Desktop connection solution by using Server1.
Does this meet the goal?
A. Yes
B. No
Answer: B
Explanation:
https://docs.microsoft.com/en-us/windows/security/identity-protection/remote-credential-guard
New Question
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1.
You implement the Host Guardian Service (HGS) configured for admin-trusted attestation.
You install the Hyper-V server role on Server1.
You need to add Server1 to the guarded hosts.
What should you do?
A. On Server1, install the Host Guardian Hyper-V Support feature and a computer certificate from a trusted certification authority (CA).
B. On Server1, install the Device Health Attestation server role and a computer certificate from a trusted certification authority (CA).
C. Install the Host Guardian Hyper-V Support feature on Server1 and add Server1 to a domain security group.
D. Install the Device Health Attestation server role on Server1 and add Server1 to a domain security group.
Answer: C
Explanation:
https://docs.microsoft.com/en-us/windows-server/security/guarded-fabric-shielded-vm/guarded-fabric-guarded-host-prerequisites
https://docs.microsoft.com/en-us/windows-server/security/guarded-fabric-shielded-vm/guarded-fabric-admin-trusted-attestation-creating-a-security-group
1.|2019 Latest Braindump2go 70-744 Exam Dumps (PDF & VCE) Instant Download:
https://www.braindump2go.com/70-744.html
2.|2019 Latest Braindump2go 70-744 Exam Questions & Answers Instant Download:
https://drive.google.com/drive/folders/0B75b5xYLjSSNMDN6VjRLbFVKaWM?usp=sharing
Braindump2go | Testking | Pass4sure | Actualtests | Others | |
$99.99 | $124.99 | $125.99 | $189 | $29.99/$49.99 | |
Up-to-Dated | ✔ | ✖ | ✖ | ✖ | ✖ |
Real Questions | ✔ | ✖ | ✖ | ✖ | ✖ |
Error Correction | ✔ | ✖ | ✖ | ✖ | ✖ |
Printable PDF | ✔ | ✖ | ✖ | ✖ | ✖ |
Premium VCE | ✔ | ✖ | ✖ | ✖ | ✖ |
VCE Simulator | ✔ | ✖ | ✖ | ✖ | ✖ |
One Time Purchase | ✔ | ✖ | ✖ | ✖ | ✖ |
Instant Download | ✔ | ✖ | ✖ | ✖ | ✖ |
Unlimited Install | ✔ | ✖ | ✖ | ✖ | ✖ |
100% Pass Guarantee | ✔ | ✖ | ✖ | ✖ | ✖ |
100% Money Back | ✔ | ✖ | ✖ | ✖ | ✖ |