70-744 Dumps 70-744 Exam Questions 70-744 New Questions 70-744 PDF 70-744 VCE Microsoft

[2017 New] Microsoft 70-744 Latest Dumps Free Download From Lead2pass (31-45)

2017 April Microsoft Official New Released 70-744 Q&As in Lead2pass.com!

100% Free Download! 100% Pass Guaranteed!

2017 get prepared with fully updated Microsoft 70-744 real exam questions and accurate answers for 70-744 exam. Lead2pass IT experts review the 70-744 newly added questions and offer correct Microsoft 70-744 exam questions answers. 100% pass easily!

Following questions and answers are all new published by Microsoft Official Exam Center: http://www.lead2pass.com/70-744.html

QUESTION 31
Note: This question ts part of a series of questions that present the same scenario. Each question In the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question In this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your network contains an Active Directory forest named contoso.com. All servers run Windows Server 2016.
The forest contains 2,000 client computers that run Windows 10. All client computers are deployed from a customized Windows image.
You need to deploy 10 Privileged Access Workstations (PAWs). The solution must ensure that administrators can access several client applications used by all users.
Solution: You deploy one physical computer and configure it as a Hyper-V host that runs Windows Server 2016.
You create 10 virtual machines and configure each one as a PAW.
Does this meet the goal?

A.    Yes
B.    No

Answer: B
Explanation:
“The PAW architecture does not allow for hosting an admin VM on a user workstation, but a user VM with a standard corporate image can be hosted on a PAW host to provide personnel with a single PC for all responsibilities.
https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/privileged-access-workstations

QUESTION 32
Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Server5 that has the Windows Server Update Services server role installed.
You need to configure Windows Server Update Services (WSUS) on Server5 to use SSI.
You install a certificate in the local Computer store.
Which two tools should you use? Each correct answer presents part of the solution.

A.    Wsusutil
B.    Netsh
C.    Internet Information Services (IIS) Manager
D.    Server Manager
E.    Update Services

Answer: AC
Explanation:
https://technet.microsoft.com/en-us/library/hh852346(v=ws.11).aspx#bkmk_3.5.ConfigSSL
http://jackstromberg.com/2013/11/enabling-ssl-on-windows-server-update-services-wsus/

QUESTION 33
Note: Thts question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question In this section, you will NOT be able to return to It. As a result, these questions will not appear in the review screen.

Your network contains an Active Directory domain named contoso.com.
The domain contains a computer named Computer1 that runs Windows 10.
Computer1 connects to a home network and a corporate network.
The corporate network uses the 172.16.0.0/24 address space internally.
Computerl runs an application named App1 that listens to port 8080.
You need to prevent connections to App1 when Computer1 is connected to the home network.
Solution: From Windows Firewall in the Control Panel, you add an application and allow the application to communicate through the firewall on a Private network.
Does this meet the goal?

A.    Yes
B.    No

Answer: A

QUESTION 34
Your network contains an Active Directory domain named contoso.com. The domain contains five servers. All servers run Windows Server 2016.
A new secunty policy states that you must modify the infrastructure to meet the following requirements:

– Limit the nghts of administrators.
– Minimize the attack surface of the forest
Support Multi-Factor authentication for administrators.

You need to recommend a solution that meets the new secunty policy requirements.
What should you recommend deploying?

A.    an administrative forest
B.    domain isolation
C.    an administrative domain in contoso.com
D.    the Local Administrator Password Solution (LAPS)

Answer: A

QUESTION 35
Note: Thb question is part of a series of questions th?present the same scenario. Each question In the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to It. As a result, these questions will not appear in the review screen.

Your network contains an Active Directory forest named contoso.com. All servers run Windows Server 2016.
The forest contains 2,000 client computers that run Windows 10. All client computers are deployed from a customized Windows image.
You need to deploy 10 Pnvileged Access Workstations (PAWs). The solution must ensure that administrators can access several client applications used by all users.
Solution: You deploy 10 physical computers and configure them as PAWs.
You deploy 10 additional computers and configure them by using the customized Windows image.
Does this meet the goal?

A.    Yes
B.    No

Answer: A

QUESTION 36
Your network contains an Active Directory domain named contoso.com.
The domain contains two servers named Server1 and Server2 that run Windows Server 2016.
Server1 is configured as a domain controller.
You configure Server1 as a Just Enough Administration (JEA) endpoint.
You configure the required JEA rights for a user named User1.
You need to tell User1 how to manage Active Directory objects from Server2.
What should you tell User1 to do first on Server2?

A.    From a command prompt, run ntdsutil.exe.
B.    From Windows PowerShell, run the Import-Module cmdlet.
C.    From Windows PowerShell run the Enter-PSSession cmdlet.
D.    Install the management consoles for Active Directory, and then launch Active Directory Users and Computer.

Answer: C
Explanation:
“Enter-PSSession -ComputerName localhost -ConfigurationName demo1ep. You should see your prompt change to [localhost]: indicating that you are now in the special constrained session configuration. Run Get-Command. Observe the limited set of commands available”.
https://blogs.technet.microsoft.com/privatecloud/2014/05/14/just-enough-administration-step-by-step/

QUESTION 37
Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Serve1, that runs Windows Server 2016.
A technician is testing the deployment of Credential Guard on Server1.
You need to verify whether Credential Guard is enabled on Server1.
What should you do?

A.    From a command prompt fun the credwiz.exe command.
B.    From Task Manager, review the processes listed on the Details tab.
C.    From Server Manager, click Local Server, and review the properties of Server!
D.    From Windows PowerShell, run the Get-WsManCredSSP cmdlet.

Answer: B

QUESTION 38
Your network contains an Active Directory domain named contoso.com.
The domain contains 100 servers.
You deploy the Local Administrator Password Solution (LAPS) to the network.
You deploy a new server named FinanceServer5, and join FinanceServerS to the domain.
You need to ensure that the passwords of the local administrators of FinanceServer5 are available to the LAPS administrators.
What should you do?

A.    On FinanceServerS, register AdmPwd.dll.
B.    On FmanceServerS, install the LAPS Windows PowerShell module.
C.    In the domain, modify the permissions for the computer account of FmanceServer5.
D.    In the domain, modify the permissions of the Domain Controllers organizational unit (OU).

Answer: B

QUESTION 39
Your network contains an Active Directory domain named contoso.com.
You are deploying Microsoft Advanced Threat Analytics (ATA) to the domain.
You install the ATA Center on server named Server1 and the ATA Gateway on a server named Served.
You need to ensure that Server2 can collect NTLM authentication events.
What should you configure?

A.    the domain controllers to forward Event ID 4776 to Server2
B.    the domain controllers to forward Event ID 1000 to Server1
C.    Server2 to forward Event ID 1026 to Server1
D.    Server1 to forward Event ID 1000 to Server2

Answer: A

QUESTION 40
Note: This question is part of a series of questions that use the same or similar answer choices. An answer choice may be correct for more than one question in the series. Each question Is independent of the other questions in this series. Information and details provided in a question apply only to that question.

Your network contains an Active Directory domain named contoso.com.
The domain contains a file server named Server1 that runs Windows Server 2016.
You need to create Work Folders on Server1.
Which tool should you use?

A.    File Explorer
B.    Shared Folders
C.    Server Manager
D.    Disk Management
E.    Storage Explorer
F.    Computer Management
G.    System Configuration
H.    File Server Resource Manager (FSRM)

Answer: C

QUESTION 41
Your network contains an Active Directory forest named conloso.com.
The network is connected to the Internet.
You have 100 point-of-sale (POS) devices that run Windows 10.
The devices cannot access the Internet.
You deploy Microsoft Operations Management Suite (OMS).
You need to use OMS to collect and analyze data from the POS devices.
What should you do first?

A.    Deploy Windows Server Gateway to the network.
B.    Install the OMS Log Analytics Forwarder on the network.
C.    Install Microsoft Data Management Gateway on the network.
D.    Install the Simple Network Management Protocol (SNMP) feature on the devices.
E.    Add the Microsoft NDJS Capture service to the network adapter of the devices.

Answer: B
Explanation:
https://blogs.technet.microsoft.com/msoms/2016/03/17/oms-log-analytics-forwarder/

QUESTION 42
Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Server1.
Server1 is configured as shown in the following table.

 

You plan to create a pilot deployment of Microsoft Advanced Threat Analytics (ATA).
You need to install the ATA Center on Server1.
What should you do first?

A.    Install Microsoft Security Compliance Manager (SCM).
B.    Obtain an SSL certificate.
C.    Assign an additional IPv4 address.
D.    Remove Server1 from the domain.

Answer: D

QUESTION 43
Note: This question Is part of a series of questions that present the same scenario. Each question In the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to It. As a result, these questions will not appear in the review screen.

Your network contains an Active Directory domain named contoso.com. The domain contains multiple Hyper-V hosts.
You need to deploy several critical line-to-business applications to the network to meet the following requirements:

– The resources of the applications must be isolated (rom the physical host.
– Each application must be prevented from accessing the resources of the other applications.
– The configurations of the applications must be accessible only from the operating system that hosts the application.

Solution: You deploy a separate Hyper-V container for each application.
Does this meet the goal?

A.    Yes
B.    No

Answer: A

QUESTION 44
Hotspot Question
Your network contains an Active Directory domain named contoso.com.
You have an organizational unit (OU) named Secure that contains all servers.
You install Microsoft Security Compliance Manager (SCM) 4.0 on a server named Server1.
You need to export the SCM Pnnt Server Secunty baseline and to deploy the baseline to a server named Server2.
What should you do? To answer, select the appropnate options in the answer area.

 

Answer:

 

QUESTION 45
Hotspot Question
Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Server1 that runs Windows Server 2016.
The services on Server1 are shown in the following output.

 

Sefver1 has the AppLocker rules configured as shown in the exhibit (Click the Exhibit button.)

 

Rule1 and Rule2 are configured a$ shown in the following table.

 

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

 

Answer:

Latest 70-744 questions and answers from Microsoft Exam Center offered by Lead2pass for free share now! Read and remember all real questions answers, Guarantee pass 70-744 real test 100% or full money back!

70-744 new questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDRTV1TFlfb2RCbjQ

2017 Microsoft 70-744 exam dumps (All 65 Q&As) from Lead2pass:

http://www.lead2pass.com/70-744.html [100% Exam Pass Guaranteed!!!]