70-686

Card Set Information

Author:
cmplxsmplcty
ID:
31205
Filename:
70-686
Updated:
2010-08-25 17:21:54
Tags:
Windows Administrator
Folders:

Description:
Study Guide
Show Answers:

Home > Flashcards > Print Preview

The flashcards below were created by user cmplxsmplcty on FreezingBlue Flashcards. What would you like to do?


  1. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of two
    segments named KingCore and KingSecurity shown in the exhibit below:


    The KingCore network is used for performing centralized management and the King-Security
    segment is separate network isolated by a firewall. Network communication between the two
    segments is limited by the firewall.

    CertKiller.com additionally decided to have the workstations upgraded to Microsoft Windows 7.
    You receive instruction from CertKiller.com to ensure that you manage the activation of the
    workstations located in the KingSecurity segment.


    What should you do?

    A. You should consider having the Volume Activation Management Tool (VAMT) installed in the
    KingCore network segment.

    B. You should consider having the Volume Activation Management Tool (VAMT) installed in the
    KingSecurity network segment.

    C. You should consider having the Key Management Service (KMS) deployed in the KingCore
    network segment.

    D. You should consider having the Key Management Service (KMS) deployed in the KingSecurity
    network segment.
    Answer: B
  2. You work as a network administrator at CertKiller.com. The CertKiller.com network of a single
    Active Directory domain named CertKiller.com which makes use of Active Directory-integrated
    DNS. All client computers on the CertKiller.com network run Microsoft Windows 7.

    You receive instruction from CertKiller.com to have Microsoft Key Management Service (KMS)
    deployed on a client workstation whilst ensuring the other workstations are able to connect to the
    Key Management Service (KMS) host for activation purposes.

    What should you do? (Choose two)

    A. You should consider having the KMS server granted the Full Control permission on the
    _vlmcs._tcp.CertKiller.com DNS record.

    B. You should consider having the KMS server granted the Full Control permission on the
    _msdcs._tcp.CertKiller.com DNS zone.

    C. You should consider having a GPO firewall rule created and deployed to allow RPC traffic
    through TCP port 1688 on the workstations.

    D. You should consider having a Windows Server 2008 KMS host deployed.
    Answer: A,C
  3. You work as a network administrator at CertKiller.com. The CertKiller.com network is not
    connected to the Internet. All client computers on the CertKiller.com network run Microsoft
    Windows XP Professional.

    CertKiller.com has recently decided to have half the workstations upgraded to Microsoft Windows
    7. You receive instruction from CertKiller.com to have the most efficient method used to activate
    Windows 7.

    What should you do?

    A. You should consider having the Multiple Activation Key (MAK) Proxy used for the first half
    computers.
    You should then make use of the Key Management Service (KMS) for the remaining computers.

    B. You should consider having the Multiple Activation Key (MAK) Independent used for the first
    half computers.
    You should then make use of the Multiple Activation Key (MAK) Proxy for the remaining
    computers.

    C. You should consider having the Key Management Service (KMS) used for all the workstations.

    D. You should consider having the Multiple Activation Key (MAK) Independent used for all the
    workstations.
    Answer: C
  4. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All client computers on the CertKiller.com
    network run Microsoft Windows 7.

    The CertKiller.com domain consists of four network segments that are configured as Active
    Directory site objects as shown in the exhibit below:


    You receive instruction from CertKiller.com to ensure that the workstations located at the Toronto
    office are able to activate their copies of Windows 7.

    What should you do?

    A. You should consider having a DNS service (SRV) resource record named
    _vlmcs._tcp.Toronto._sites.CertKiller.com created.

    B. You should consider having a DNS service (SRV) resource record named
    _vlmcs._udp.Toronto._sites.CertKiller.com created.

    C. You should consider having the Multiple Activation Key (MAK) deployed in the Toronto office.

    D. You should consider having the Key Management Service (KMS) deployed in the Toronto
    office.
    Answer: C
  5. You work as a network administrator at CertKiller.com. All client computers on the CertKiller.com
    network run Microsoft Windows 7. The CertKiller.com network configuration is depicted in the
    exhibit below:


    You receive instruction from CertKiller.com to ensure that the workstations in the Atlanta and
    Toronto offices are able to activate Windows 7.

    What should you do? (Choose two)

    A. You should consider having DNS configured so the workstations in the Toronto office use the
    Key Management Service (KMS) in the Miami network

    B. You should consider having DNS configured so the workstations in the Toronto office use the
    Key Management in the Miami office.

    C. You should consider having the Key Management Service (KMS) deployed in the Atlanta office.

    D. You should consider having the Key Management Service (KMS) deployed in the Toronto
    office.
    Answer: A,D
  6. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain, named CertKiller.com. All workstations on the CertKiller.com
    network run Microsoft Windows XP Professional.

    You are in the process of designing a Microsoft Windows 7 deployment, which will be installed by
    means of a Multiple Activation Key (MAK). During the course of the day you receive instruction
    from CertKiller.com to make sure that an answer file is used to pass the MAK configuration.

    Which of the following options should you consider for your solution?

    A. You should consider having the WindowsPE configuration pass added to MAK.

    B. You should consider having the AuditSystem configuration pass added to MAK.

    C. You should consider having the Specialize configuration pass added to MAK.

    D. You should consider having the Generalize configuration pass added to MAK.
    Answer: C
  7. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All client computers on the CertKiller.com
    network run Microsoft Windows 7. The CertKiller.com contains a Microsoft Windows Server
    Update Services (WSUS) server for the deployment of software updates.

    The CertKiller.com issues a new security policy states that security updates are to be deployed by
    4:00 P.M. every Friday and all computers are not on should have the update applied when they
    are started. You need to ensure that the software update process meets the security policy
    requirements.

    What should you do?

    A. You should consider having the security update approved for download through the WSUS
    console with a deadline of Friday at 4:00 P.M

    B. You should consider having the security update approved for download through the WSUS
    console with no deadline.

    C. You should consider having the security update approved for installation through WSUS
    console with a deadline of Friday at 4:00 P.M.

    D. You should consider having the security update approved for installation through the WSUS
    console with no deadline.
    Answer: C
  8. You work as a network administrator at CertKiller.com. All client computers on the CertKiller.com
    network run either Microsoft Windows Vista or Microsoft Windows 7. All client computers are
    configured to receive security updates directly from the Microsoft Update Web site once a week
    and to install the updates automatically.

    A new security update for Windows 7 is released over the weekend. On Monday you want to
    identify the Windows 7 computers that do not have the security update installed.

    What should you do to accomplish this task with the minimum effort?

    A. You should consider having the Microsoft Baseline Security Analyzer (MBSA) used to scan the
    workstations.
    You should then have the Microsoft Baseline Security Analyzer (MBSA) configured to use the
    Microsoft Update site catalog.

    B. You should consider having the Microsoft Baseline Configuration Analyzer (MBCA) used to
    scan the workstations.

    C. You should consider having the Microsoft Windows Server Update Services (WSUS) deployed.
    You should then have the security update approved for installation whilst forcing a detection cycle
    on the workstations.

    D. You should consider having the Microsoft Windows Server Update Services (WSUS) deployed.
    You should then have the security update approved for detection whilst forcing a detection cycle
    on the workstations.
    Answer: A
  9. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com.
    All workstations on the CertKiller.com network run Microsoft Windows 7. CertKiller.com currently
    makes use of Microsoft Update to download and install security updates.

    You have recently received notification that a new Microsoft security update has become
    available. An existing CertKiller.com security policy states that before updates are installed on the
    CertKiller.com network, workstations that require the update must first be identified. Secondly, it
    should be determined what changes may occur as a result of the updates. Lastly, determine which
    application could be impacted by applying the security update.

    What should you do to adhere to CertKiller.com's security policy?

    A. You should consider having the Update Compatibility Evaluator used to check for issues.

    B. You should consider having the Windows Compatibility Evaluator used to check for issues.

    C. You should consider having the Inventory Collector used to check for issues.

    D. You should consider having the Setup Analysis Tool used to check for issues.
    Answer: A
  10. You work as a network administrator at CertKiller.com. All client computers on the CertKiller.com
    network run Microsoft Windows 7. CertKiller.com has its headquarters in Miami and branch offices
    in Toronto and Philadelphia. A T1 line connects the offices connected to the Internet while a lowbandwidth connection the Toronto and Philadelphia offices to the Miami office. The CertKiller.com
    network configuration is depicted in the exhibit below:


    CertKiller.com has recently decided to have Microsoft Windows Server Update Services (WSUS)
    used to provide software updates for computers in all its offices. You receive instruction from
    CertKiller.com to plan the implementation of WSUS whilst ensuring that traffic over the lowbandwidth
    connections is kept at a minimum.

    What should you do? (Choose two)

    A. You should consider having IPsec configured to make use of updates stored on Microsoft
    Update.

    B. You should consider having BranchCache deployed on the WSUS server and workstations.

    C. You should consider having WSUS configured to make use of updates stored locally.

    D. You should consider having WSUS configured to make use of updates stored on Microsoft
    Update.

    E. You should consider having WSUS servers deployed in the Toronto and Philadelphia offices.
    Answer: D,E
  11. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All client computers on the CertKiller.com
    network run Microsoft Windows 7. You receive instruction from CertKiller.com to have an
    additional operating system option added to the Windows 7 workstations' boot menu.

    What should you do?

    A. You should consider having the BCDedit utility used to add a native-boot Virtual Hard Drive
    (VHD) entry to the boot menu.

    B. You should consider having the BCDboot utility used to modify the system partition.

    C. You should consider having the Bootcfg utility used to modify the boot parameters.

    D. You should consider having the DiskPart utility in WindowsPE used to attach a Virtual Hard
    Drive (VHD).
    Answer: A
  12. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All client computers on the CertKiller.com
    network run Microsoft Windows 7. CertKiller.com has recently requested that you design a
    Windows 7 virtual desktop infrastructure that meets the requirements:
    The virtual desktop infrastructure should provide access to Remote Desktop Services RemoteApp
    sources from multiple remote desktop servers.The virtual desktop infrastructure should support
    Network Load Balancing (NLB).The virtual desktop infrastructure should support reconnecting to
    existing sessions on virtual desktops.
    CertKiller.com wants you to ensure that the design meets the set criteria.

    What should you do?

    A. You should consider having Windows Deployment Services included in the design.

    B. You should consider having Windows Virtual PC and Windows XP Mode included in the design.

    C. You should consider having the Remote Desktop Gateway included in the design.

    D. You should consider having the Remote Desktop Connection Broker included in the design.
    Answer: D
  13. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All client computers on the CertKiller.com
    network run Microsoft Windows Vista. CertKiller.com currently uses an application that does not
    run on Microsoft Windows 7.

    During the course of the day CertKiller.com decided to have all the workstations upgraded to
    Microsoft Windows 7. During your maintenance you determine that Microsoft Enterprise Desktop
    Virtualization (MED-V) v2 should be used for allowing the users to continue using the application.
    You want to ensure the virtual machine (VM) images containing the application is only used by
    network users connected to the MED-V server.

    What should you do?

    A. You should consider having the MED-V TrimTransfer technology used to deploy the VM image
    over the network.

    B. You should consider having the Microsoft System Center Configuration Manager used to
    deploy the VM image to an image store directory.

    C. You should consider having the BitLocker Drive Encryption used to encrypt the drive on which
    the VM image is stored.

    D. You should consider having the MED-V workspace configured to prevent offline operation in the
    MED-V console.
    Answer: D
  14. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All client computers on the CertKiller.com
    network run Microsoft Windows Vista. CertKiller.com currently uses an application that updated
    frequently but does not run on Microsoft Windows 7.

    During the course of the day CertKiller.com decided to have all the workstations upgraded to
    Microsoft Windows 7. You need to ensure that application works on Windows 7 and that easily
    updated.

    What should you do?

    A. You should consider having the Windows XP Mode configured on all Windows 7 workstations.
    You should then have the virtual machine image and updates distributed through a file share
    resource.

    B. You should consider having the Windows XP Mode configured on all Windows 7 workstations.
    You should then have the virtual machine image and updates distributed through Microsoft
    System Center Configuration Manager.

    C. You should consider having the Microsoft Enterprise Desktop Virtualization (MED-V) v2 to all
    Windows 7 workstations.
    You should then have the virtual machine image and updates distributed through MED-V
    TrimTransfer.

    D. You should consider having the Microsoft Enterprise Desktop Virtualization (MED-V) v2 to all
    Windows 7 workstations.
    You should then have the virtual machine image and updates distributed through Microsoft
    System Center Configuration Manager
    Answer: C
  15. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All client computers on the CertKiller.com
    network run Microsoft Windows XP Professional.

    CertKiller.com recently decided to have a Microsoft Windows 7 image deployed to portable
    computers. CertKiller.com wants you to ensure that the portable computers access to all
    applications on the first start and provides language-pack support based on location.

    What should you do?

    A. You should consider having one thin image created for the portable computers.
    You should then have one thick image created for all other workstations.

    B. You should consider having one thick image created for the portable computers.
    You should then have one thin image created for all other workstations.

    C. You should consider having a single thin image created for all workstations.

    D. You should consider having a single hybrid image created for all workstations.
    Answer: B
  16. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All client computers on the CertKiller.com
    network run Microsoft Windows Vista. The CertKiller.com workstations hardware configuration is
    shown in the table below:


    You receive instruction from CertKiller.com to have Microsoft Windows 7 deployed to the
    workstations using the least amount of images.

    What should you do?

    A. You should consider having 1 image used for all computers.

    B. You should consider having 1 images used for each HAL type.

    C. You should consider having 1 images used for each hardware architecture.

    D. You should consider having 1 images used for each hardware configuration.
    Answer: C
  17. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. CertKiller.com has its headquarters located
    in Miami and branch offices in London, Madrid and Berlin. All client computers on the
    CertKiller.com network run Microsoft Windows Vista.

    CertKiller.com has recently decided to create and test a Windows 7 Enterprise master image that
    supports all language packs. During the course of the day CertKiller.com requests that you use the
    master image to create regional images with only the required language pack for the specific
    region. CertKiller.com wants the testing and validation of the regional image to be minimized.

    What should you do?

    A. You should consider having the master image deployed to a target computer.
    You should then have the unnecessary language packs removed and finally capture each regional
    image.

    B. You should consider having the lpksetup.exe /u command run in unattended mode on the
    master image

    C. You should consider having the master image serviced online by using the Deployment Image
    Servicing and Management (DISM) tool.

    D. You should consider having the master image serviced offline by using the Deployment Image
    Servicing and Management (DISM) tool.
    Answer: D
  18. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All client computers on the CertKiller.com
    network run Microsoft Windows Vista.

    You receive instruction from CertKiller.com to have a custom Windows 7 Enterprise image created
    that can be used to deploy Windows 7 as well as several custom applications. You need to verify
    that the custom applications will work after deploying Windows 7.

    What should you do?

    A. You should consider having the custom image deployed to a Virtual Hard Disk (VHD).
    You should then boot from the VHD.

    B. You should consider having the custom image deployed and run the sigverif.exe command.

    C. You should consider having the custom image mounted by using the Deployment Image
    Servicing and Management (DISM) tool.

    D. You should consider having the ImageX utility used with the check option to mount the image.
    Answer: A
  19. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All client computers on the CertKiller.com
    network run Microsoft Windows Vista. The CertKiller.com network contains a Telnet server.

    You receive instruction from CertKiller.com to plan the deployment of Microsoft Windows 7
    Enterprise to the workstations by using a custom image. The custom image must enable
    CertKiller.com users to connect to the Telnet server.

    What should you do?

    A. You should consider having the Telnet Server feature turned on in the image.

    B. You should consider having the Telnet Client feature turned on in the image.

    C. You should consider having the Windows Firewall configured to allow the Telnet program
    through Windows Firewall before capturing the image.

    D. You should consider having the User Account Control (UAC) settings changed before capturing
    the image.
    Answer: B
  20. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All client computers on the CertKiller.com
    network run Microsoft Windows Vista.

    CertKiller.com has recently acquired a baseline image. You need to verify the baseline image is
    valid before you use the image to design a Windows 7 deployment package.

    What should you do?

    A. You should consider having the Windows System Image Manager (Windows SIM) tool used to
    check.

    B. You should consider having the Deployment Image Servicing and Management (DISM) tool
    used to check.

    C. You should consider having the ImageX utility used to check.

    D. You should consider having the Windows Compatibility Evaluator tool used to check.
    Answer: C
  21. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All client computers on the CertKiller.com
    network run Microsoft Windows Vista.

    CertKiller.com has Windows 7 image which will be used to deploy Windows 7 on the client
    computers. You need to alter the image and change the of Windows 7 edition to Windows 7
    Enterprise.

    What should you do?

    A. You should consider having the Windows Setup used to service the image.

    B. You should consider having the audit mode used to service the image.

    C. You should consider having the image serviced online.

    D. You should consider having the image serviced offline.
    Answer: D
  22. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All client computers on the CertKiller.com
    network run Microsoft Windows Vista.

    CertKiller.com instructs you to prepare for the deployment of Microsoft Windows 7 on its client
    computers. CertKiller.com has an existing image that must be used for the deployment. You
    receive instruction from CertKiller.com to have a volume image added to the image.

    What should you do?

    A. You should consider having the ImageX utility used to append the volume image.

    B. You should consider having the Deployment Image Servicing and Management (DISM) tool
    used to mount the image.

    C. You should consider having the image serviced online.

    D. You should consider having the DiskPart utility used to attach a new volume.
    Answer: A
  23. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All client computers on the CertKiller.com
    network run Microsoft Windows Vista.

    CertKiller.com instructs you to prepare for the deployment of Microsoft Windows 7 on its client
    computers. CertKiller.com has an existing image that must be used for the deployment. You
    receive instruction from CertKiller.com to have additional drivers included in the Windows 7 image.

    What should you do? (Choose two)

    A. You should consider having the executable files for driver packages used.

    B. You should consider having the Windows Installer files for driver packages used.

    C. You should consider having the Deployment Image Servicing and Management (DISM) tool
    used online

    D. You should consider having the Deployment Image Servicing and Management (DISM) tool
    used offline.

    E. You should consider having the INF files for driver packages used.
    Answer: D,E
  24. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. CertKiller.com has its headquarters located
    in Miami and branch offices in London, Madrid, Paris and Berlin. The Berlin office also has a store
    kiosk. The computers on the network have identical hardware whilst the Kiosk computers belong
    to workgroup named KIOSK.

    CertKiller.com recently requested that you configure the Kiosk computers to use specific settings
    for local security and the branch office computers to use BitLocker Drive Encryption.
    CertKiller.com wants you to plan an image creation strategy for the deployment but you must also
    ensure that image maintenance is minimized.

    What should you do?

    A. You should consider having a single image created to use for all location types.
    You should then have a custom Windows security template created for each location type.

    B. You should consider having a single image created to use for the branch office computers and
    the kiosk computers.
    You should then have a separate image created to use for the main office computers.

    C. You should consider having a single image created to use for the main office computers and
    the branch office computers which has the required settings applied through Group Policy.
    You should then have a separate image created to use for the kiosk computers.

    D. You should consider having one image created to use for each location type.
    You should then have the hard disks on the branch office computers encrypted prior to capturing
    the image.
    Answer: C
  25. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All client computers on the CertKiller.com
    network run Microsoft Windows Vista.

    CertKiller.com wants you to deploy Windows 7 on the client computers. You need to develop a
    deployment strategy that will have the user state of each user migrated and will have the file
    system and existing applications reserved.

    What should you do?

    A. You should consider having the Refresh Computer method used for all computers.

    B. You should consider having the Upgrade Computer method used for all computers.

    C. You should consider having the New Computer method used for all computers.

    D. You should consider having the Replace Computer method used for all computers.
    Answer: B
  26. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All workstations on the CertKiller.com
    network run Microsoft Windows Vista.

    During the course of the day you receive instruction from CertKiller.com to plan for the deployment
    of Microsoft Windows 7 by means of a custom application. CertKiller.com also informs you that
    your solution must allow the custom application to be accessible to specific groups of users, as
    well as have the ability to monitor the application usage.

    What should you use in this instance?

    A. You should consider making use of the Microsoft Application Virtualization (App-V) deployment
    method in your deployment design.

    B. You should consider making use of the Windows 7 image baseline which includes the custom
    application in your deployment design

    C. You should consider making use of the software installation method in Group Policy in your
    deployment design.

    D. You should consider making use of the startup scripts method in Group Policy in your
    deployment design.
    Answer: A
  27. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All workstations on the CertKiller.com
    network run Microsoft Windows 7.

    During the course of the day you receive instruction from CertKiller.com to commence planning for
    the deployment of a custom application. Furthermore, CertKiller.com instructs you to schedule the
    deployment to take place outside working hours, and should require no user intervention.

    Which of the following is a task that meets these requirements?

    A. You should make use of the Lite Touch Installation method in your deployment design.

    B. You should make use of the software deployment with Microsoft System Center Configuration
    Manager 2007 method in your deployment design.

    C. You should make use of the software installation with Group Policy in your deployment design.

    D. You should make use of the Microsoft Application Virtualization (App-V) method in your
    deployment design.
    Answer: B
  28. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. The CertKiller.com network servers run
    Microsoft Windows Server 2008 R2 and the CertKiller.com workstations currently make use of
    Microsoft Windows 7.

    During the course of the day you receive instruction from CertKiller.com to start planning the
    design for the deployment of a custom business application. CertKiller.com also informs you that
    your solution must allow the custom business application to be accessible to users who require it,
    as well as keep network traffic to a minimum.

    Which of the following should you use in this situation?

    A. You should make use of the Microsoft Application Virtualization (App-V) method in your
    deployment design.

    B. You should make use of the Microsoft System Center Configuration Manager 2007 method in
    your deployment design.

    C. You should make use of the RemoteApp and Desktop Connections method in your deployment
    design.

    D. You should make use of the software installation in Group Policy method in your deployment
    design.
    Answer: C
  29. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All workstations on the CertKiller.com
    network run Microsoft Windows XP Professional x64. The CertKiller.com network users currently
    make use of an application that is not compatible with Microsoft Windows 7 Enterprise x64.

    During the course of the day you receive instruction from CertKiller.com to design a strategy for
    deploying Microsoft Windows 7 Enterprise x64 to the CertKiller.com workstations. CertKiller.com
    also stipulates that the application should be accessible to all users, and that the application
    should be deployed and managed via a centralized deployment strategy.

    What should you do to meet CertKiller.com's requirements?

    A. You should consider having the Microsoft Application Virtualization (App-V) client installed on
    each CertKiller.com workstation. You should then consider having the application streamed by
    making use of App-V.

    B. You should consider having the Microsoft Application Virtualization (App-V) client installed on
    each CertKiller.com workstation. You should then consider having the application run in offline
    mode.

    C. You should consider having the application installed on all workstations by using Group Policy.
    You should then consider making use of the Compatibility tab.

    D. You should consider having the Microsoft Enterprise Desktop Virtualization (MED-V) v2
    package installed on each CertKiller.com workstation.
    Answer: D
  30. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All client computers on the CertKiller.com
    network run Microsoft Windows Vista.

    CertKiller.com has recently decided to have Microsoft Windows 7 deployed on its client
    computers. You have created several Windows 7 images created for the deployment. However,
    new device drivers have been released since the images were created. You receive instruction
    from CertKiller.com to plan an image update strategy to replace the old device drivers with the
    new device drivers.

    What should you do? (Choose two)

    A. You should consider having each image mounted by using the Deployment Image Servicing
    and Management (DISM) tool.
    You should then have the old driver deleted and inject the new driver.

    B. You should consider having each image mounted by using ImageX.
    You should then have the new driver installed.

    C. You should consider having the each image mounted to a reference computer and uninstall the
    old driver and install the new driver.
    You should then have the new image captured.

    D. You should consider having each image mounted by using the Deployment Image Servicing
    and Management (DISM) tool.
    You should then have the new driver copied into a new folder in the image.
    Answer: A,C
  31. You are the newly appointed enterprise administrator at CertKiller.com. The CertKiller.com
    network consists of a single Active Directory domain named CertKiller.com.

    CertKiller.com contains a client workstation named CERTKILLER-WS123 that is running Windows
    7. A CertKiller.com user named Mia Hamm complained that CERTKILLER-WS123 cannot connect
    to the domain. During troubleshoot; you see that the CERTKILLER-WS123 gave you the following
    error message:Computer account in its primary domain is missingPassword on account is
    incorrect

    Mia Hamm needs to log on to the domain with CERTKILLER-WS123.

    What should you do?

    A. You should consider having the computer account for CERTKILLER-WS123 added to the
    Domain Computers Active Directory group.

    B. You should consider having the account password for CERTKILLER-WS123 reset via the
    Active Directory Users and Computers.

    C. You should consider having the account password for Mia Hamm reset via the Active Directory
    Users and Computers.

    D. You should consider disjoining CERTKILLER-WS123 from the domain.
    Thereafter CERTKILLER-WS123 should be rejoined to the domain.
    Answer: D
  32. You are the newly appointed enterprise administrator at CertKiller.com. The CertKiller.com
    network consists of a single Active Directory domain named CertKiller.com.
    CertKiller.com contains about 1,500 Windows Vista workstations that are members of the domain.
    You have received instructions from the CIO to deploy Windows 7. However, you need to verify
    the hardware compatibility of the 1,500 workstations.

    What should you do?

    A. The best option is to run the System Center Capacity Planner.

    B. The best option is to run the System Center Configuration Manager.

    C. The best option is to run the Microsoft Assessment and Planning Toolkit.

    D. The best option is to run the Windows Performance Monitor Data Collector Sets.
    Answer: C
  33. You are the newly appointed enterprise administrator at CertKiller.com. The CertKiller.com
    network consists of a single Active Directory domain named CertKiller.com.

    You have received instructions from the CIO to deploy Windows 7. You want to configure the
    system settings by using Windows PowerShell scripts when you perform the deployment of
    Windows 7 on the client computers. You need to make sure that the Windows PowerShell scripts
    will run on the client computers during the initial setup.

    What should you do?

    A. The best option is to adjust the script execution policy to RemoteSigned.

    B. The best option is to adjust the script execution policy to AllSigned.

    C. The best option is to adjust the script execution policy to Restricted.

    D. The best option is to use Group Policy preferences.
    Answer: A
  34. You are the newly appointed enterprise administrator at CertKiller.com. The CertKiller.com
    network consists of a single Active Directory domain named CertKiller.com.

    CertKiller.com contains about 1,500 Windows 7workstations. You need to deploy a new
    accounting application to the workstations. You want to deploy the application in the context of the
    Local System account.

    What should you do?

    A. You should deploy the application using either a startup script or a shutdown script.

    B. You should deploy the application using either a startup script or a logon script.

    C. You should deploy the application using either a logon script or a logoff script.

    D. You should deploy the application using either a logoff script or a shutdown script.
    Answer: A
  35. You are the newly appointed enterprise administrator at CertKiller.com. The CertKiller.com
    network consists of a single Active Directory domain named CertKiller.com.

    CertKiller.com contains about 1,300 Windows 7 workstations that need a number of software
    installation scripts. You then prepare software installation scripts for these workstations. However,
    a group policy setting is needed which will allow the CertKiller.com users to log on to their
    workstations after the first boot.

    What should you do?

    A. The best option is to enable the Run startup scripts asynchronously option.

    B. The best option is to enable the Run logon scripts synchronously option.

    C. The best option is to disable the Run startup scripts asynchronously option.

    D. The best option is to disable the Run logon scripts synchronously option.
    Answer: A
  36. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. CertKiller.com contains about 1,500
    workstations that are running Windows XP Professional. 1,200 of these workstations are using the
    CertKiller.com LAN and the remaining of the workstations are portable computers.

    You have received instructions from the CIO to install Windows 7 on all CertKiller.com's
    workstations. The CIO also informs you that the management at CertKiller.com wants you to
    create a software report of all CertKiller.com's workstations.

    What should you do to adequately meet these requirements?

    A. The best option is to use the Microsoft System Center Data Protection Manager.

    B. The best option is to use the Microsoft System Center Essentials.

    C. The best option is to use the Microsoft Desktop Optimization Pack.

    D. The best option is to use the Microsoft System Center Operations Manager.
    Answer: C
  37. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. The CertKiller.com network contains about
    10 workstations running Windows 7 Enterprise.

    You are in the process of designing a deployment strategy for new administrative template policy
    settings using custom ADMX files. Subsequent to creating the custom ADMX files, you save it on
    a network share. When you open the Group Policy Object Editor, you find that the custom ADMX
    files are not found in the Group Policy editing session.

    What should you do to make sure that the GPO Editor has access to the ADMX files?

    A. You should restart the GPO Editor after copying the ADMX files to the %systemroot%\inf folder
    on all 10 Windows 7 workstations.

    B. You should restart the GPO Editor after copying the ADMX files to the %systemroot%\system32
    folder on all 10 Windows 7 workstations.

    C. You should restart the GPO Editor after copying the ADMX files to the central store.

    D. You should access the network share permissions to grant all Windows 7 users the Read
    access for the share.
    Answer: C
  38. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com.

    You are in the process of designing an upgrade strategy to upgrade CertKiller.com's workstations
    to Microsoft Windows 7. The CertKiller.com network also makes use of a wireless access point
    (WAP).

    A CertKiller.com user named Andy Reid has reported that he frequently suffers connectivity loss to
    the WAP.

    What should you do to troubleshoot the connectivity loss?

    A. The best option would be to use the auditpol.exe to enable failed attempts in the Object Access
    category.

    B. The best option would be to use the auditpol.exe to enable successful attempts in the Object
    Access category.

    C. The best option would be to view events from a source of WanConn via the Event Viewer snapin.

    D. The best option would be to view events from a source of WLAN AutoConfig via the Event
    Viewer snap-in.
    Answer: D
  39. You are the newly appointed enterprise administrator at CertKiller.com. The CertKiller.com
    network consists of a single Active Directory forest with a single domain named CertKiller.com.

    You are busy with the implementation of a new Group Policy object (GPO) named TEST Compt
    GPO that will be linked to an organizational unit (OU). TEST Compt GPO contains computer
    configuration settings and user configuration settings. The OU structure is seen in the following
    exhibit:


    You have received instructions from the CIO to make sure that the user configuration settings are
    being applied to the workstations that logs on to the TEST Compt GPO.

    What should you do?

    A. The best option is to enable user configuration settings in the Default Domain Policy GPO.

    B. The best option is to enable loopback processing in the TEST Compt GPO.

    C. The best option is to enable loopback processing in the Default Domain Policy GPO.

    D. The best option is to enable user configuration settings in the TEST Compt GPO.
    Answer: B
  40. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of two
    Active Directory domains that have a two-way trust relationship. The users in the domain can only
    log onto their workstations in their respective domains.

    During a routine monitoring, you notice that the domain controllers display an error message
    stating that the clock skew is too great. You then check and discover that it occurs when the users
    in one domain log on to the workstations in the other domain.

    You have received instructions from the CIO to make sure that the users in both domains is able
    to log onto each other's workstations in any domain at CertKiller.com.

    What should you do to meet these requirements?

    A. The best option is to include the Net Time /setsntp on a startup script and run it on the all the
    workstations.

    B. The best option is to set up the primary domain controller (PDC) emulator in each domain to
    synchronize its clock with the same external time source.

    C. The best option is to decrease the Maximum tolerance for computer clock synchronization
    setting in the default Domain Group Policy object (GPO).

    D. The best option is to include the Net Time /querysmtp on a startup script and run it on the all
    the workstations.
    Answer: B
  41. You are the newly appointed enterprise administrator at CertKiller.com. The CertKiller.com
    network consists of a single Active Directory domain named All client computers on the
    CertKiller.com network run Windows 7.

    CertKiller.com is using the Microsoft System Center Configuration Manager 2007 to distribute and
    deploy a new graphics software application. Standard user accounts are used by all CertKiller.com
    users. You want to use a Group Policy to deploy the new graphics software application. However,
    you need to a User Account Control (UAC) policy to ensure the deployment is successful.

    What should you do?

    A. The best option is to enable the Only elevate executables that are signed and validated option.

    B. The best option is to enable the Detect application installations and prompt for elevation option.

    C. The best option is to disable the Detect application installations and prompt for elevation option.

    D. The best option is to disable the Only elevate executables that are signed and validated option.
    Answer: C
  42. You are the newly appointed enterprise administrator at CertKiller.com. The workstations at
    CertKiller.com are running Windows 7 Enterprise.

    A new CertKiller.com security policy requires that programs that are signed by a specific publisher
    should not be run by CertKiller.com users with standard user accounts.

    What should you do to implement this policy?

    A. The best option is to create a path rule in the software restriction policies.

    B. The best option is to create a hash rule in the software restriction policies.

    C. The best option is to create an Executable rule in the AppLocker application control policies.

    D. The best option is to create an Installer rule in the AppLocker application control policies.
    Answer: C
  43. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All workstations on the CertKiller.com
    network currently run Windows XP Professional.

    You are currently designing an installation strategy to deploy Windows 7 to all CertKiller.com client
    computers. The CIO informs you that you might encounter compatibility issues caused by the User
    Account Control (UAC). You now need to test an application for compatibility issues, while
    simultaneously monitoring the operating system use of another application.

    What should you do to make this possible?

    A. The best option would be to make use of the Standard User Analyzer tool.

    B. The best option would be to make use of the Standard User Analyzer Wizard.

    C. The best option would be to make use of the standalone Setup Analysis Tool.

    D. The best option would be to make use of the Setup Analysis Tool in a virtual environment.
    Answer: A
  44. You are the newly appointed enterprise administrator at CertKiller.com. The CertKiller.com
    network consists of a single Active Directory domain named All client computers on the
    CertKiller.com network run Windows 7 Enterprise.

    You have received instructions from the CIO to prohibit the CertKiller.com users from changing the
    Internet Explorer logging settings.

    What should you do?

    A. You should enable the Disable the Advanced Page state option.

    B. You should enable the Turn off InPrivate Browsing state option.

    C. You should disable the Disable the Advanced Page state option.

    D. You should enable the Turn off InPrivate Filtering state option.

    E. You should enable the Disable the General Page state option.
    Answer: B,E
  45. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. CertKiller.com has its headquarters located
    in Miami and a branch office in London. The London office only has Kiosk computers are not
    connected to the network.

    CertKiller.com currently uses Internet Explorer branding on all client computers. CertKiller.com
    wants to change the logo that is being used. You need to change the logo on the Internet Explorer
    program window title bar at all the workstations, including the Kiosk computers. You also need to
    change the search providers on workstations at Miami.

    What should you do?

    A. You should consider using the Internet Explorer Administration Kit (IEAK) in order to create a
    custom configuration-only deployment package.
    Then the setup file should be copied to a flash drive.
    Thereafter the file should be distributed to all computers.

    B. You should consider having the logo saved as Logo.png.
    Then the file should be copied to the C:\Windows\Branding\ directory on every kiosk computer.
    Thereafter a new OpenSearch description file for the main office computers should be created and
    distributed.

    C. You should consider using the Internet Explorer Administration Kit (IEAK) in order to create a
    custom configuration-only deployment package on the main office computers.
    Then automatic version synchronization should be enabled and a flash drive specified for the path.
    Thereafter the configuration package should be distributed to the kiosk computers.

    D. You should consider using the Internet Explorer Administration Kit (IEAK) in order to create a
    custom configuration-only deployment package on the main office computers.
    Thereafter a deployment CD should be created for the kiosk computers.
    Answer: D
  46. You are the newly appointed enterprise administrator at CertKiller.com. The CertKiller.com
    network consists of a single Active Directory domain named All client computers on the
    CertKiller.com network run Windows 7.

    CertKiller.com has acquired a Web application that needs specific security settings. The
    CertKiller.com CIO does not want to the employees to change the Internet Explorer browser
    security settings, permanently.

    What should you do?

    A. The best option is to make use of the Windows Internet Explorer Maintenance (IEM) extension
    settings in Preference mode.

    B. The best option is to make use of the Windows Internet Explorer Maintenance (IEM) extension
    settings in Normal mode.

    C. The best option is to reset the Internet Explorer settings.

    D. The best option is to reset the advanced settings in Internet Explorer.
    Answer: B
  47. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All workstations on the CertKiller.com
    network run Windows 7.

    You are in the process of designing an upgrade strategy for CertKiller.com's Internet Explorer. The
    CIO informs you that extra software should not be installed on the client computers, and that your
    strategy should generate a list of successfully upgraded client computers.

    What should you do?

    A. The best option is to employ the Windows Server Update Services (WSUS).

    B. The best option is to employ the Microsoft System Center Essentials.

    C. The best option is to employ the Microsoft System Center Configuration Manager.

    D. The best option is to employ the Internet Explorer Administration Kit (IEAK) and Group Policy.
    Answer: A
  48. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. CertKiller.com network contains 1,500
    workstations that are running Windows 7.

    The CertKiller.com workstations have a number of custom Internet Explorer add-ons installed on
    it. You have recently received reports that when certain Web applications are used, the Internet
    Explorer closes.

    What should you do to troubleshoot the problem?

    A. The best option is to use the No Add-ons mode in the Internet Explorer.

    B. The best option is to use the default levels in the Internet Explorer.

    C. The best option is to turn on Internet Explorer 7 Standards mode by using a Group Policy.

    D. The best option is to disable the Programs tab in Internet Explorer by using a Group Policy.
    Answer: A
  49. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All servers on the CertKiller.com network
    run Windows Server 2008 R2 and all workstations run Windows 7.

    CertKiller.com has its headquarters in London and quite a few branch offices around the region.
    CertKiller.com contains server named CERTKILLER-SR12 that hosts specific group of files that
    are accessed by the branch offices. The branch offices do not have any servers. The London
    office is connected to the branch offices via High-latency links.

    During routine monitoring, you notice that the bandwidth is unusually high when the branch office
    users access the specific group of files. Furthermore, it also reduces the speed of higher-priority
    traffic. You have received instructions from the CIO.

    What should you do to minimize the bandwidth used by these accessed files?

    A. The best option is to select the BranchCache For Network Files role service on CERTKILLERSR12.
    You also need to set up BranchCache in Distributed Cache mode on workstations in the branch
    offices in the region.

    B. The best option is to set up the BranchCache in Hosted Cache mode on workstations in London
    and the branch offices in the region.

    C. The best option is to set up the BranchCache in Distributed Cache mode on workstations in
    London and the branch offices in the region.

    D. The best option is to select the BranchCache For Network Files role service on CERTKILLERSR12.
    You also need to set up BranchCache in Hosted Cache mode on workstations in the branch
    offices in the region.
    Answer: A
  50. You are the newly appointed enterprise administrator at CertKiller.com. The CertKiller.com
    network consists of a single Active Directory domain named CertKiller.com.

    You have received instructions from the CIO to install Windows 7 with a deployment image on the
    workstations using an unattended answer file. You want the hard drives on the workstations to be
    partitioned into two logical drives during the deployment. One will be used for the operating system
    and the other will be used for data.

    What should you do?

    A. You should consider having the partitions created with Disk Management.

    B. You should consider having the partitions created with the Windows PE/
    Thereafter the OS should be installed on the first partition.

    C. You should consider having the partitions created with SysPrep during the Windows Setup.

    D. You should consider having the partition configuration specified with Windows System Image
    Manager (Windows SIM).
    Answer: D
  51. You are the newly appointed enterprise administrator at CertKiller.com. The CertKiller.com
    network consists of a single Active Directory domain named CertKiller.com. The domain
    controllers on the CertKiller.com network are running Windows Server 2003 with Service Pack 1
    (SP1).

    You want to use Active Directory to store the Windows BitLocker Drive Encryption recovery
    passwords. You need to do this with the minimum amount of administrative effort.

    What should you do?

    A. This can be accomplished by upgrading all domain controllers to Windows Server 2003 SP2.

    B. This can be accomplished by upgrading the domain controller that has the role of operations
    master to Windows Server 2008 R2.

    C. This can be accomplished by extending the Active Directory schema.

    D. This can be accomplished by upgrading all domain controllers to Windows Server 2008 R2.
    Answer: C
  52. You are the newly appointed enterprise administrator at CertKiller.com. The CertKiller.com
    network consists of a single Active Directory domain named CertKiller.com.

    You have received instructions from the CIO to deploy Windows 7 to the CertKiller.com network.
    You decide to use WIM images or VHDs for the deployment. You want the deployment to multiple
    stream multicast transfers. You also want dynamic driver provisioning to be used with the drivers
    being stored centrally.

    What should you do?

    A. The best option is to use Deployment Image Servicing and Management (DISM) for the
    deployment.

    B. The best option is to use Windows Deployment Services in Windows Server 2008 R2 for the
    deployment.

    C. The best option is to use Microsoft Deployment Toolkit (MDT) 2008 for the deployment.

    D. The best option is to use Microsoft Deployment Toolkit (MDT) 2010 for the deployment.
    Answer: B
  53. You are the newly appointed enterprise administrator at CertKiller.com. The CertKiller.com
    network consists of three Active Directory domains. You need to deploy Windows 7 to 10,000 new
    client computers. The deployment should not require user interaction.

    What should you do?

    A. The best option is to install Microsoft System Center Virtual Machine Manager and set up a litetouch
    installation.

    B. The best option is to install Microsoft System Center Operations Manager 2007 R2 and set up a
    lite-touch installation.

    C. The best option is to install Microsoft System Center Configuration Manager 2007 R2 and set
    up a zero-touch installation.

    D. The best option is to install Microsoft Deployment Toolkit (MDT) 2010 and set up a zero-touch
    installation.
    Answer: C
  54. You are the newly appointed enterprise administrator at CertKiller.com. The CertKiller.com
    network consists of a single Active Directory domain named CertKiller.com. The workstations at
    CertKiller.com are running Windows XP Professional.

    A portion of the workstations are located in a secured network which the other workstations
    connect to through a virtual private networking (VPN). You have received instructions from the
    CIO to deploy Windows 7 on the network. You want to use a dedicated server and a single
    Windows 7 image for the deployment, with the option of using removable media. You also want to
    be able to choose the applications to be installed onto a client workstation during the deployment.

    What should you do?

    A. The best option is to do a zero-touch installation by using the System Center Configuration
    Manager 2007 R2.

    B. The best option is to do a lite-touch installation by using the Microsoft Deployment Toolkit.

    C. The best option is to install Windows 7 by using an install image, using Windows Deployment
    Services on a network server.

    D. The best option is to install the image from a network share with ImageX by using the Windows
    PE boot media.
    Answer: B
  55. You are the newly appointed enterprise administrator at CertKiller.com. The CertKiller.com
    network consists of a single Active Directory domain named CertKiller.com. The CertKiller.com
    network contains 1,500 Windows XP Professional workstations.

    You have received instructions from the CIO to deploy a Windows 7 image to the workstations by
    using the Microsoft Deployment Toolkit Lite Touch Installation deployment method. However, you
    need to migrate the user state of 15 workstations at a time and make sure to conserve the network
    bandwidth.

    What should you do?

    A. The best option is to compress the contents of the distribution folder.

    B. The best option is to use the Background Intelligent Transfer Service (BITS) and distribute the
    image.

    C. The best option is to set up a multicast transmission on the deployment point.

    D. The best option is to set up a unicast transmission on the deployment point.
    Answer: C
  56. You are the newly appointed enterprise administrator at CertKiller.com. The CertKiller.com
    network consists of a single Active Directory forest with a single domain, named CertKiller.com.
    CertKiller.com contains a server, named CERTKILLER-SR12, on which you have installed the
    Windows Deployment Services (WDS) role.

    After creating a Windows 7 image, you receive instructions from the CIO to employ the Microsoft
    Deployment Toolkit Lite Touch Installation deployment method to install the image to the
    workstations provided that administrative approval is confirmed.

    Which of the following options would meet these requirements?

    A. The best option is to use DHCP rogue detection on CERTKILLER-SR12.

    B. The best option is to use an Auto-Add policy on CERTKILLER-SR12.

    C. The best option is to set up a unicast transmission for the Windows 7 image.

    D. The best option is to set up a multicast transmission for the Windows 7 image.
    Answer: B
  57. You are the newly appointed enterprise administrator at CertKiller.com. The CertKiller.com
    network consists of a single Active Directory domain named CertKiller.com. The CertKiller.com
    network contains 1,000 workstations.

    You have received instructions from the CIO to install Windows 7 via the network without ruining
    the performance of the network applications.

    What should you do to meet this requirement using a zero-touch deployment method?

    A. The best option is to make use of a Windows Server 2008 server and install the image from a
    Microsoft System Center Configuration Manager server.

    B. The best option is to disable the Internet Protocol version 6 (IPv6) protocol before the
    installation.

    C. The best option is to disable the Internet Protocol version 4 (IPv4) protocol before the
    installation.

    D. The best option is to make use of a Windows Server 2008 server and install the image form a
    dedicated share.
    Answer: A
  58. You are the newly appointed enterprise administrator at CertKiller.com. The CertKiller.com
    network consists of a single Active Directory domain named CertKiller.com. The CertKiller.com
    network contains 1,500 workstations, each containing 1 GB of RAM.

    You have received instructions from the CIO to install Windows 7 Enterprise by using a zero-touch
    installation deployment method.

    Which of the following is an option that you should take into consideration to meet the CIO's
    requirements?

    A. You should consider reducing the trivial file transfer protocol (TFTP) block size on the TFTP
    server.

    B. You should consider adding more RAM.

    C. You should consider using a multicast deployment of images.

    D. You should consider using a unicast deployment of images.
    Answer: C
  59. You are the newly appointed enterprise administrator at CertKiller.com. The CertKiller.com
    network consists of a single Active Directory domain named CertKiller.com. The CertKiller.com
    network contains 1,500 workstations.

    You have received instructions from the CIO to install Windows 7 Enterprise by using a zero-touch
    installation deployment method.

    Which of the following statements would best suit your requirements?

    A. The best option is to use Microsoft System Center Configuration Manager 2007 R2.

    B. The best option is to use an unattended installation.

    C. The best option is to use a custom Windows 7 image on DVD.

    D. The best option is to use Windows Deployment Services (WDS).
    Answer: A
  60. You are the newly appointed enterprise administrator at CertKiller.com. The CertKiller.com
    network consists of a single Active Directory domain named CertKiller.com. The CertKiller.com
    network contains 1,500 workstations.

    You have received instructions from the CIO to install Windows 7 Enterprise by using a zero-touch
    installation deployment method. CertKiller.com also informs you that you have to test the method
    prior to deployment.

    What should you do accomplish this?

    A. You should configure a distribution group and add the test computers to it.

    B. You should configure an organizational unit that contains the test computer accounts.

    C. You should configure a security group that includes the test computers.

    D. You should configure a computer collection and add the test computers to it.
    Answer: D
  61. You are the newly appointed enterprise administrator at CertKiller.com. The CertKiller.com
    network consists of a single Active Directory domain named CertKiller.com.

    You have received instructions from the CIO to install Windows 7 with a deployment image on the
    workstations using an unattended answer file. You want the hard drives on the workstations to be
    partitioned during the deployment.

    What should you do?

    A. You should include the disk information to the Specialize configuration section of the answer
    file.

    B. You should include the disk information to the Generalize configuration section of the answer
    file.

    C. You should include the disk information to the WindowsPE configuration section of the answer
    file.

    D. You should include the disk information to the AuditSystem configuration section of the answer
    file.
    Answer: C
  62. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All client computers on the CertKiller.com
    network run Microsoft Windows Vista.

    You receive instruction from CertKiller.com to have a custom Windows 7 Enterprise image created
    that can be used to deploy Windows 7 as well as a new application on computers that are not
    connected to the network.

    What should you do?

    A. The best option is to use a Group Policy Software Installation and publish the new accounting
    application.

    B. The best option is to use a Windows Server Update Services (WSUS) and install the new
    accounting application.

    C. The best option is to service an online image of Windows 7 to add the new accounting
    application.

    D. The best option is to service an offline image of Windows 7 to add the new accounting
    application.
    Answer: C
  63. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All workstations on the CertKiller.com
    network run Microsoft Windows XP Professional.

    When CertKiller.com instructs you to plan the installation of Microsoft Windows 7 Enterprise on all
    the workstations in the network, you decide to design a user state migration strategy that reduces
    network bandwidth and server usage when user information is migrated.

    Which of the following should you use to complete this task? (Choose two.)

    A. The Replace Computer method.

    B. The Refresh Computer method.

    C. A hard-link migration store.

    D. A compressed migration store.
    Answer: A,C
  64. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All workstations on the CertKiller.com
    network run Microsoft Windows XP Professional.

    CertKiller.com has recently informed you that the current Windows XP Professional workstations
    must be upgraded to Microsoft Windows 7 Enterprise. Furthermore, CertKiller.com informs you
    that your solution must migrate the user data and the OS components, as well as ensure
    encryption and password protection for the migration store.

    Which of the following is the option that would adequately meet these requirements?

    A. You should consider making use of Windows.old in order to execute an offline migration.

    B. You should consider making use of a hard-link migration store.

    C. You should consider making use of Windows PE in order to execute an offline migration.

    D. You should consider making use of a compressed migration store.
    Answer: D
  65. You are employed as the network administrator at CertKiller.com. The CertKiller.com network
    consists of a single Active Directory domain named CertKiller.com. All workstations on the
    CertKiller.com network run Microsoft Windows XP Professional.

    CertKiller.com has recently decided to have the current Windows XP Professional workstations
    upgraded to Microsoft Windows 7 Enterprise, but is concerned about productivity. Your solution
    must make it possible for CertKiller.com users to view the user state after it is collected and saved.

    Which two of the following options should you use? (Choose two.)

    A. This can be accomplished by using Windows PE to execute an offline migration.

    B. This can be accomplished using a hard-link migration store.

    C. This can be accomplished using an uncompressed migration store.

    D. This can be accomplished by using Windows.old to execute an offline migration.
    Answer: B,C
  66. You are the newly appointed network Enterprise Desktop Administrator at CertKiller.com. The
    CertKiller.com network consists of a single Active Directory domain named CertKiller.com. All
    workstations on the CertKiller.com network run Windows Vista.

    CertKiller.com has its headquarters in London and is connected via WAN links to branch offices in
    Paris, Berlin and Athens. CertKiller.com has recently decided to have the workstations upgraded
    to Microsoft Windows 7. The configuration of the CertKiller.com workstations is based on a
    Windows Vista image.

    During the course of the day you receive an instruction to move the CertKiller.com user data from
    the Windows Vista installation to the new Windows 7 installation. CertKiller.com also informs you
    that your solution must reduce the bandwidth used, as well as maintain a similar migration strategy
    for all CertKiller.com offices.

    What should you do to satisfy CertKiller.com's requirements?

    A. You should consider using the Windows PE in order to execute an offline migration.

    B. You should consider using the User State Migration Tool (USMT) as well as a hard-link
    migration store.

    C. You should consider using the multicast feature of Windows Deployment Services (WDS).

    D. You should consider using the Deployment Image Servicing and Management (DISM) tool.
    Answer: B
  67. You work as a network administrator at CertKiller.com. Half the client computers on the
    CertKiller.com network run Windows XP Professional and the rest run Windows 7. All client
    computers are members of an organizational unit (OU) named CKUsers.

    You are in the process of implementing Windows Software Update Services (WSUS). You decide
    to create a Group Policy object that allows automatic updates from the WSUS server and link the
    GPO to CKUsers. During routine monitoring you discover that an application on the Windows XP
    computers fails as a result of a security update for both Windows XP and Windows 7. To ensure
    productivity you need to make sure that the application can be run by the Windows XP computers
    whilst ensuring that the Windows 7 computers receives the security update.

    What should you do?

    A. Your best option would be to remove the XP workstations from CKUsers.
    Thereafter you need to approve the update for the installation to the All Computers target group.

    B. Your best option would be to remove the Windows 7 workstations from CKUsers.
    Thereafter you need to approve the update for the installation to the Unassigned Computers
    targeting group.

    C. Your best option would be to create a targeting group named XPUsers under CKUsers.
    Then the XP workstations need to be moved to the XPUsers group.
    Thereafter you need to approve the update for the installation to CKUsers.

    D. Your best option would be to remove the Windows 7 workstations from CKUsers.
    Thereafter you need to approve the update for the installation to the All Computers target group.
    Answer: B
  68. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All client computers on the CertKiller.com
    network run Microsoft Windows Vista. CertKiller.com currently uses an application that does not
    run on Microsoft Windows 7.

    During the course of the day CertKiller.com decided to have all the workstations upgraded to
    Microsoft Windows 7. During your maintenance you determine that Microsoft Enterprise Desktop
    Virtualization (MED-V) v2 should be used for allowing the users to continue using the application.
    You want to ensure the virtual machine (VM) images containing the application is only used by
    network users connected to the MED-V server.

    What should you do?

    A. You should consider having the VM image deployed using Windows Server Update Services
    (WSUS).

    B. You should consider having the VM image mounted from the MED-V workspace.

    C. You should consider having the VM image deployed from the MED-V server.

    D. You should consider having the VM image deployed using Windows Deployment Services
    (WDS).
    Answer: C
  69. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All workstations on the CertKiller.com
    network run Windows 7.

    CertKiller.com has its headquarters in London and branch offices around the globe. A number of
    users in CertKiller.com's Human Resources department share computers, which are members of
    the HRComputers organizational unit (OU).

    You receive an instruction from the CIO to deploy a new application that is not packaged.
    Furthermore, the CIO informs you that the application has to be deployed to all workstations in the
    HRComputers OU from a central site.

    Which of the following statements would be TRUE with regards to the deployment strategy?

    (Choose all that apply.)

    A. Your strategy should include creating a collection that will contain the computers in the HR
    department using Microsoft System Center Configuration Manager.
    Thereafter the package can be allocated to the collection.

    B. Your strategy should include creating a Group Policy object (GPO).
    Thereafter a software installation policy can be added under the Computer Configuration
    container.

    C. Your strategy should include creating a collection that contains the HR department users using
    Microsoft System Center Configuration Manager.
    Thereafter the package can be allocated to the collection.

    D. Your strategy should include creating a package using Microsoft System Center Configuration
    Manager.
    Answer: A,D
  70. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com.

    All workstations on the CertKiller.com network run Windows 7. The CertKiller.com network
    contains a Sales department, whose shared computers are members of an organizational unit
    (OU) named KingSales. The diagram below illustrates CertKiller.com's network structure:

    You are in the process of planning the installation of an application that is packaged as a Microsoft
    Windows Installer package (MSI). CertKiller.com wants this application to be deployed to the
    workstations in the Sales department only.

    Which combination of the following actions should be considered for meeting these requirements?
    (Choose all that apply.)

    A. You should consider having a new Group Policy object (GPO) created.

    B. You should consider having a software installation policy added under the Computer
    Configuration container.

    C. You should consider having a software installation policy added under the User Configuration
    container.

    D. You should consider having the software installation policy linked to the Workstations OU.

    E. You should consider having the software installation policy linked to King Sales.
    Answer: A,B,E
  71. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All workstations on the CertKiller.com
    network run Windows 7.

    When you receive notification that a software vendor has released Version 2 of an application that
    CertKiller.com currently makes use of, you check for compatibility issues between Version 1 and
    Version 2 and find that they are incompatible.

    After receive notification from the CIO to deploy Version 2 of the application, he informs you that
    both versions has to be accessible for CertKiller.com users to run on their client computers. The
    CIO also informs you that version 2 has to accessible when a user computer is disconnected to
    the network.

    Which of the following would suitably meet the CIO's requirements?

    A. Your best option would be to make use of a Group Policy Software Installation policy in order to
    install version 2 of the application.

    B. Your best option would be to make use of a Microsoft System Center Configuration Manager
    package in order to install version 2 of the application.

    C. Your best option would be to make use of a Microsoft Application Virtualization (App-V) in order
    to install version 2 of the application.

    D. Your best option would be to install version 2 of the application as a Remote Desktop Services
    RemoteApp.
    Answer: C
  72. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. The CertKiller.com network consists of
    1,500 workstations that are configured to run Windows 7.

    During the course of the day you receive an instruction from the CIO to install a new application in
    CertKiller.com's environment. He also informs you that the application should be installed outside
    of business hours so that productivity is not affected.

    How would you achieve your goal?

    A. This can be accomplished by means of Windows Deployment Services with a schedule cast.

    B. This can be accomplished by means of Microsoft System Center Configuration Manager.

    C. This can be accomplished by means of a logon script.

    D. This can be accomplished by means of a Group Policy.
    Answer: B
  73. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All workstations on the CertKiller.com
    network run Windows 7. You are responsible for managing a server named CERTKILLER-SR01.

    A CertKiller.com user, named Mia Hamm, regularly makes use of Remote Desktop Connection
    (RDC) to connect to CERTKILLER-SR01. When she attempts to connect during the course of the
    day, she is presented with an error message stating: "The connection was denied because the
    user account is not authorized for remote login."

    What should you do to assign Mia Hamm the minimum privileges to accomplish her daily tasks?

    A. Your best option would be to make Mia Hamm a member of the domain Remote Desktop Users
    group.

    B. Your best option would be to make Mia Hamm a member of the domain Windows Authorization
    Access group.

    C. Your best option would be to make Mia Hamm a member of the Power Users group on
    CERTKILLER-SR01.

    D. Your best option would be to make Mia Hamm a member of the Remote Desktop Users group
    on CERTKILLER-SR01.
    Answer: D
  74. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. The CertKiller.com network consists of 800
    workstations running Microsoft Windows XP Professional.

    You are in the process of designing an upgrade strategy to upgrade CertKiller.com's workstations
    to Microsoft Windows 7. When you receive an instruction from the CIO to install a specific
    application, you decide to determine whether any compatibility issues will arise during the
    installation and configuration process.

    What should you do to complete this task?

    A. Your best option should be to employ the Update Compatibility Evaluator.

    B. Your best option should be to employ the Windows Compatibility Evaluator.

    C. Your best option should be to employ the Inventory Collector.

    D. Your best option should be to employ the Setup Analysis Tool.
    Answer: D
  75. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All workstations on the CertKiller.com
    network run Microsoft Windows XP Professional or Windows Vista Enterprise. At present
    CertKiller.com makes use of 15 custom applications that was written for Windows XP.

    You are in the process of designing an upgrade strategy to upgrade CertKiller.com's workstations
    to Microsoft Windows 7. You receive notification from the CIO to compile a list of compatibility
    issues for the custom applications.

    What should you do to successfully complete this task? (Choose two.)

    A. Your best option would be to install every application on a Windows XP user computer.

    B. Your best option would be to install every application on a Windows 7 user computer.

    C. Your best option would be to install every application on a Windows Vista user computer.

    D. Thereafter, every application should be sequenced using Microsoft Application Virtualization
    (App-V).

    E. Thereafter, the Application Compatibility Toolkit (ACT) should be run.
    Answer: A,E
  76. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All workstations on the CertKiller.com
    network run Microsoft Windows XP Professional. The CertKiller.com network contains a Windows
    Server Update Services (WSUS) server named CERTKILLER-SR10, which will be used to
    manage software updates.

    You are in the process of designing an upgrade strategy to upgrade CertKiller.com's workstations
    to Microsoft Windows 7. CertKiller.com employees are not assigned any administrative rights to
    their local computers. You discover that CertKiller.com employs a custom application that is
    incompatible with Windows 7.

    What should you do to make sure that CertKiller.com employees are able to run the custom
    application without negatively affecting efficiency? (Choose all that apply.)

    A. This can be accomplished by deploying and registering the compatibility-fix database file to the
    workstations using a computer startup script.

    B. This can be accomplished by deploying and registering the compatibility-fix database file to the
    workstations using a user startup script.

    C. This can be accomplished by installing and registering a shim on the WSUS server.

    D. This can be accomplished by installing and registering a shim on the workstations using Group
    Policy.
    Answer: A,D
  77. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All workstations on the CertKiller.com
    network run Microsoft Windows XP Professional.

    You are in the process of designing an upgrade strategy to upgrade CertKiller.com's workstations
    to Microsoft Windows 7. During this process, you discover that a custom line-of-business
    application that CertKiller.com employs is not compatible with Windows 7.

    What should you do to ensure that your strategy that enables the application to run without
    negatively affecting efficiency?

    A. You should consider using the Update Compatibility Evaluator.

    B. You should consider using the Windows Compatibility Evaluator.

    C. You should consider using the Setup Analysis Tool.

    D. You should consider using the Compatibility Administrator.
    Answer: D
  78. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All workstations on the CertKiller.com
    network run Microsoft Windows XP Professional. A number of custom applications, including a
    custom line-of-business application which users currently use to accomplish their daily tasks, are
    incompatible with Windows7.

    You have been instructed to design a Windows 7 deployment strategy that allows for the
    applications to run on all CertKiller.com workstations, and for the application executable to exist on
    every client workstation.

    What should you do to manage the application compatibility to satisfy the requirements?

    A. Your best choice would be to virtualize the application using Microsoft Application Virtualization
    (App-V).

    B. Your best choice would be to install the application on a Remote Desktop Services server.

    C. Your best choice would be to install a shim for the application on every client workstation.

    D. Your best choice would be to install the Windows Compatibility Evaluator on every client
    workstation.
    Answer: C
  79. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All workstations on the CertKiller.com
    network run Microsoft Windows Vista.

    You are in the process of designing an upgrade strategy to upgrade CertKiller.com's workstations
    to Microsoft Windows 7.

    What should you do to identify and examine the compatibility of an application that needs elevated
    privileges?

    A. You should consider running a stand-alone version of the Setup Analysis Tool (SAT).

    B. You should consider using the Standard User Analyzer (SUA) tool.

    C. You should consider using the Standard User Analyzer (SUA) Wizard.

    D. You should consider running a virtual version of the Setup Analysis Tool (SAT).
    Answer: B
  80. CertKiller.com has employed you as an Enterprise Desktop Administrator. The CertKiller.com
    network consists of a single Active Directory domain named CertKiller.com.

    You are in the process of creating a Windows 7 deployment image. The image contains custom
    Internet search providers and Internet Explorer branding. A new company policy requires that all
    custom settings be deployed using Group Policy. You receive notification from the CIO to ensure
    that default Internet Explorer settings are in the deployment image.

    What should you do? (Choose all that apply.)

    A. You should consider running the Remove Branding process on the deployment image using the
    Reset Internet Explorer Settings (RIES) feature.

    B. You should consider updating the Internet Explorer Maintenance policy processing Group
    Policy object (GPO) settings for all workstations.

    C. You should consider updating the Internet Explorer Manage Add-ons settings for all
    workstations.

    D. You should consider running the Reset process on the deployment image using the Reset
    Internet Explorer Settings (RIES) feature.
    Answer: A,D
  81. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All workstations on the CertKiller.com
    network run Microsoft Windows XP Professional.

    You are in the process of designing an upgrade strategy to upgrade the Web Developers'
    workstations to Microsoft Windows 7. The user accounts of the Web developers are located in an
    organizational unit (OU) named WebAccounts.

    While performing routine monitoring, you discover that Internet Explorer blocks pop-up windows
    for several internal Web applications that are hosted on various servers.

    When CertKiller.com instructs you to prevent Internet Explorer from blocking pop-up windows for
    the Internal Web applications, you decide to make use of a Group Policy to accomplish the task.

    Which of the following is an option that will solve this problem?

    A. You should consider having the Compatibility View enabled in Internet Explorer.

    B. You should consider having the default security setting set in Internet Explorer to Medium.

    C. You should consider having every server added to the Trusted Sites zone.

    D. You should consider having every server added to the Intranet zone.
    Answer: D
  82. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All workstations on the CertKiller.com
    network run Microsoft Windows XP Professional.

    You are in the process of designing an upgrade strategy to upgrade CertKiller.com's workstations
    to Microsoft Windows 7. The CertKiller.com network makes use of an internal Web application, as
    well as an internal certificate authority (CA) with autoenrollment. The internal Web application
    employs a self-assigned SSL certificate.

    You receive numerous complaints from CertKiller.com users stating that they receive an error
    message suggesting that they close the Web page instead of proceeding to the application when
    they try to start the Web application.

    What should you do to ensure that the error message does not reappear?

    A. This can be accomplished by having the certificate of the Web application installed into the
    personal store on every user computer.
    Thereafter the URL of the application can then be added to the Trusted Sites zone in Internet
    Explorer.

    B. This can be accomplished by having a certificate issued from the internal CA.
    Thereafter the certificate can be installed on the application server.

    C. This can be accomplished by having a commercial certificate bought.
    Thereafter the certificate can be installed on the internal CA.

    D. This can be accomplished by having the certificate of the Web application installed into the
    computer store on every user computer.
    Answer: B
  83. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. The CertKiller.com network workstations are
    configured to run Windows7. CertKiller.com currently employs a Group Policy to standardize the
    Internet Explorer settings.

    During routine monitoring you discover that a number of users change the Internet Explorer
    settings on their workstations. Subsequently, CertKiller.com policy that stipulates all CertKiller.com
    workstations must maintain a standardized Internet Explorer configuration.

    What should you do to make sure that the standardized Internet Explorer configuration is in place
    when users log on the workstations?

    A. You should consider having the Advanced tab of the Internet Explorer Properties dialog box
    disabled using a Group Policy.

    B. You should consider having the User Group Policy loopback processing mode enabled.

    C. You should consider using the Group Policy Update tool in order to refresh Group Policy.

    D. You should consider having the Internet Explorer Maintenance Policy Processing enabled in
    Group Policy.
    Answer: D
  84. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All workstations on the CertKiller.com
    network are configured to run Windows 7.

    You are in the process of designing a wireless network strategy that must use Extensible
    Authentication Protocol-Transport Level Security (EAP-TLS). After verifying that the Network
    Policy Server has a certificate installed, you perform routine monitoring and discover that the
    workstations are not able to connect to the wireless access points.

    What should you do rectify this error?

    A. You should consider having the workstations configured to make use of Protected Extensible
    Authentication Protocol-Transport Layer Security (PEAP-TLS).

    B. You should consider having a certificate installed in the Trusted Root Certification Authorities
    certificate store.

    C. You should consider having a certificate installed in the Third-Party Root Certification
    Authorities certificate store.

    D. You should consider having the workstations configured to make use of Protected Extensible
    Authentication Protocol-Microsoft Challenge Handshake Authentication Protocol version 2 (PEAPMS-
    CHAP v2).
    Answer: B
  85. CertKiller.com has hired you as an Enterprise Desktop Administrator for their network. The
    CertKiller.com network consists of a single Active Directory forest that contains a single domain
    named CertKiller.com. CertKiller.com has its headquarters in Denver where you are located.

    The exhibit below illustrates the organizational unit design as well as the Group Policy object
    design:

    You are in the process of deploying a Microsoft Windows Server Update Services (WSUS) server
    named CERTKILLER-SR10 in the network. You receive an instruction from the CIO to make sure
    that only workstations that are linked to the TestWorkstations OU is able to utilize CERTKILLERSR10
    for updates.

    What should you do?

    A. Your best option would be to define the Windows Update settings in the Computer
    Configuration settings of the Denver Workstations GPO.

    B. Your best option would be to define the Windows Update settings in the Computer
    Configuration settings of the Denver Baseline GPO.

    C. Your best option would be to define the Windows Update settings in the User Configuration
    settings of the Denver Workstations GPO.

    D. Your best option would be to define the Windows Update settings in the User Configuration
    settings of the Denver Baseline GPO.
    Answer: A
  86. CertKiller.com has employed you as an Enterprise Desktop Administrator. The CertKiller.com
    network consists of a single Active Directory domain named CertKiller.com. All client computers on
    the CertKiller.com network run Microsoft Windows XP Professional.

    CertKiller.com has recently decided to have the workstations upgraded to Microsoft Windows 7.
    You have received an instruction from the CIO to make sure that all network administrators are
    able to manage domain Group Policy objects (GPOs) from their Windows 7 client computers.

    What should you do?

    A. You should consider providing the Local Group Policy Editor to the administrators.

    B. You should consider providing the Remote Server Administration Tools to the administrators.

    C. You should consider providing the GPO Accelerator Tool to the administrators.

    D. You should consider providing the Administration Tools Pack to the administrators.
    Answer: B
  87. You are the newly appointed Enterprise Desktop Administrator at CertKiller.com. The
    CertKiller.com network consists of a single Active Directory domain named CertKiller.com. The
    CertKiller.com network contains 900 Windows 7 workstations. The majority of CertKiller.com users
    copy information from their workstations to removable drives on a daily basis. You receive an
    instruction from the CIO to ensure that the copied information is protected.

    What should you do?

    A. Your best option would be to configure a Group Policy in order to enforce the use of BitLocker
    To Go.

    B. Your best option would be to make use of Encrypting File System (EFS).

    C. Your best option would be to enable Trusted Platform Module (TPM) hardware on all
    workstations.

    D. Your best option would be to make use of Active Directory Rights Management Services.
    Answer: A
  88. You are the newly appointed enterprise administrator at CertKiller.com. The CertKiller.com
    network consists of a single Active Directory domain named All client computers on the
    CertKiller.com network run Windows 7. The client computers are configured with the default
    firewall settings.

    CertKiller.com has acquired an application that must be installed on a server. CertKiller.com users
    that must access the application require the installation of an agent on their workstations. You
    receive an instruction from the CIO to ensure that the application can install the agent on the
    workstations. You thus decide to make use of a Group Policy.

    What should you do?

    A. This can be accomplished by implementing Windows service hardening rules.

    B. This can be accomplished by implementing connection security rules.

    C. This can be accomplished by implementing inbound port rules.

    D. This can be accomplished by implementing inbound program rules.
    Answer: C
  89. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory forest that contains a single domain named CertKiller.com. CertKiller.com
    has its headquarters in Paris where you are located.

    The exhibit below illustrates the organizational unit design as well as the Group Policy object
    design:

    All workstations located in the CKWorkstations OU are configured to run either Windows 7
    Enterprise or Windows Vista Enterprise. At present the Paris Workstation GPO is used to identify
    the software restriction policies (SRPs). You receive an instruction from management to ensure
    that the SRPs are only utilized on Windows Vista Enterprise workstations while AppLocker policies
    are only utilized on Windows 7 Enterprise workstations. Additionally, the AppLocker policies
    should be defined by Group Policy.

    How should you design the AppLocker deployment plan so as to meet the stated requirements?

    A. You should consider having a new GPO created that contains the AppLocker settings.
    Thereafter the GPO should be linked to the CKUsers OU.

    B. You should consider having a new GPO created that contains the AppLocker settings.
    Thereafter the GPO should e linked to the CKWorkstations OU

    C. You should consider having the AppLocker settings defined in the Paris Baseline GPO.

    D. You should consider having the AppLocker settings defined in the Paris Clients GPO.
    Answer: B
  90. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All client computers on the CertKiller.com
    network run Windows 7.

    Employees in the Sales department make use of a custom application. Therefore, you create the
    new Group Policy GPO and link it to the CertKiller.com site. You then receive numerous
    complaints from users in the Sales department stating that they are unable to access the custom
    application.

    You receive an instruction from the CIO to ensure that the custom application is accessible to
    employees in the Sales department. The CIO also informs you that your solution must continue to
    allow the other departmental employees to obtain the new GPO.

    What should you do to meet these requirements?

    A. You should make the Sales employees members of a domain group, and then grant the domain
    group the Allow-Read permission as well as the Allow-Apply Group Policy permission for the GPO
    using security filtering.

    B. You should relocate the Sales employees to a dedicated organizational unit (OU), and then
    activate the Block Inheritance setting for the OU.

    C. You should relocate the sales employees to a dedicated organizational unit (OU), and then
    activate the Block Inheritance setting for the domain.

    D. You should make the Sales employees members of a domain group and then grant the domain
    group the Allow-Read permission as well as the Deny-Apply Group Policy permission for the GPO
    using security filtering.
    Answer: D
  91. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. CertKiller.com has its headquarters in
    London and a branch office in Milan. All domain controllers on the CertKiller.com network are
    configured to run Windows 7 and are located in the London and Milan offices.

    When you decide to deploy a group policy at the domain level that encompasses security filtering,
    you perform routine monitoring and find that the GPO settings are only being applied to the
    London office.

    What should you do to identify the settings that are applied to the Milan office?

    A. Your best option would be to run the RepAdmin.exe utility from the command line.

    B. Your best option would be to run a Group Policy Modeling report against the workstations in the
    Milan office.

    C. Your best option would be to run a Group Policy Results report against workstations in the
    Milan office.

    D. Your best option would be to run the GpoTool.exe utility from the command-line.
    Answer: C
  92. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com.

    You are currently stationed at CertKiller.com's headquarters in Dallas. The exhibit below illustrates
    the design of the domain and Group Policy object of CertKiller.com:

    You are currently in the process of configuring the Group Policy preferences in order to define the
    mapped drives in CKWorkstations.

    During the course of the week you receive numerous complaints from clients in the Dallas OU
    stating that the mapped drives are inaccessible to them.

    What should you do to detect and rectify Group Policy issues so that the mapped drives are
    accessible?

    A. Your best option would be to ensure that the user configuration settings are enabled.

    B. Your best option would be to ensure that the computer configuration settings are enabled.

    C. Your best option would be to ensure that loopback processing is enabled in Replace mode.

    D. Your best option would be to ensure that loopback processing is enabled in Merge mode.
    Answer: A
  93. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. You are currently stationed at
    CertKiller.com's headquarters in Dallas. The exhibit below illustrates the organizational unit design
    as well as the Group Policy object design:

    The computer configuration settings, as well as the client configuration settings are stored in the
    Stand Alone Workstations GPO.

    During an analysis of the security audit, you discover that the client configuration settings defined
    in the Stand Alone Workstations GPO is not applied when employees log onto the workstations
    located in the Stand Alone Workstations OU.

    What should you do to make sure that the configuration settings are appropriately applied?

    A. You should consider having loopback processing enabled in Replace mode on the Stand Alone
    Workstations GPO.

    B. You should consider having loopback processing enabled in Merge mode on the Default
    Domain Policy GPO.

    C. You should consider having the client configuration settings disabled on the KingUsers GPO.

    D. You should consider having the client configuration settings disabled on the Default Domain
    Policy GPO.
    Answer: A
  94. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. All workstations on the CertKiller.com
    network are configured to run Windows 7 and are located in a container named KingComputers in
    the CertKiller.com domain.

    During routine monitoring, you discover that a number of workstations were shutdown
    automatically. Upon further investigation you discover that the computers shutdown as soon as the
    security log was full.

    What should you do to prevent this from happening?

    A. Access the Default Domain Controllers Policy Group Policy object (GPO) to change the event
    log policy settings.

    B. You should consider having the maximum log size increased.

    C. You should consider having an Event Viewer subscription configured.

    D. Access the Default Domain Policy Group Policy object (GPO) to change the event log policy
    settings.
    Answer: D
  95. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. CertKiller.com has its headquarters located
    in Miami and a branch office in London. The London office only has Kiosk computers are not
    connected to the network.

    CertKiller.com currently uses Internet Explorer branding on all client computers. CertKiller.com
    wants to change the logo that is being used. You need to change the logo on the Internet Explorer
    program window title bar at all the workstations, including the Kiosk computers. You also need to
    change the search providers on workstations at Miami.

    What should you do?

    A. You should consider using the Internet Explorer Administration Kit (IEAK) in order to create a
    custom configuration-only deployment package.
    Then the setup file should be copied to a flash drive.
    Thereafter the file should be distributed to all computers.

    B. You should consider having the logo saved as Logo.png.
    Then the file should be copied to the C:\Windows\Branding\ directory on every kiosk computer.
    Thereafter a new OpenSearch description file for the main office computers should be created and
    distributed.

    C. You should consider using the Internet Explorer Administration Kit (IEAK) in order to create a
    custom configuration-only deployment package on the main office computers.
    Then automatic version synchronization should be enabled and a flash drive specified for the path.
    Thereafter the configuration package should be distributed to the kiosk computers.

    D. You should consider using the Internet Explorer Administration Kit (IEAK) in order to create a
    custom configuration-only deployment package on the main office computers.
    Thereafter a deployment CD should be created for the kiosk computers.
    Answer: D
  96. You work as a network administrator at CertKiller.com. The CertKiller.com network consists of a
    single Active Directory domain named CertKiller.com. The CertKiller.com network consists of a
    Windows Serer 2008 R2 file server named CERTKILLER-SR01 and 800 workstations that is
    configured to run Windows 7 Enterprise.

    You receive an instruction from the CIO to ensure that a secure connection is maintained between
    the workstations and CERTKILLER-SR01.

    What should you do to create and deploy a Group Policy Object (GPO) that will encompass a rule
    for Windows Firewall with Advanced Security?

    A. You should consider creating an Authentication exemption rule.
    Thereafter the IP address of CERTKILLER-SR01 should be added to the Exempt Computers list.

    B. You should consider creating a Tunnel rule.
    Thereafter the Gateway-to-client should be identified as the tunnel type.

    C. You should consider creating a Server-to-server rule.
    Thereafter the endpoints should be identified as Any IP address and the IP address of
    CERTKILLER-SR01.

    D. You should consider creating an Isolation rule.
    Thereafter you should indicate Request authentication for inbound and outbound connections.
    Answer: C

What would you like to do?

Home > Flashcards > Print Preview