Pro: Windows 7, Enterprise Desktop Support Technician

 Pro:  Windows 7, Enterprise Desktop Support Technician
Exam Code: 70-685 Exam Name: Pro: Windows 7, Enterprise Desktop Support TechnicianQUESTION NO: 1 The chief financial officer (CFO) releases new guidelines that specify that only users from finance are allowed to run FinanceApp1. Users in the Marketing OU report that they can run FinanceApp1. You need to ensure that only users in the Finance OU can run FinanceApp1. What should you do? A. In the AllComputers GPO, create a new AppLocker executable rule. B. In the Desktops GPO and the Laptops GPO, create a new Windows Installer rule. C. In the AllComputers GPO, create a software restriction policy and define a new hash rule. D. In the Desktops GPO and the Laptops GPO, create a software restriction policy and define a new path rule. Answer: A Explanation: Chapter 10 p 467- 468 Understanding the difference between SRP and AppLocker You might want to deploy application control policies onto Windows operating systems earlier than Windows Server2008R2 or Windows7. You can use AppLocker policies only on the supported editions of Windows Server2008R2 and Windows7, but you can use SRP on supported editions of Windows beginning with Windows Server2003 and WindowsXP. http://technet.microsoft.com/en-us/library/ee460955(WS.10).aspx http://technet.microsoft.com/en-us/library/dd548340(WS.10).aspx QUESTION NO: 2 Users in the ERPApp1 pilot project report intermittent application issues. You need to consolidate all application events for the users in a central location. What should you do? A. Configure event subscriptions. B. Configure the Advanced Audit Policy Configuration settings. C. Create a custom view in Event Viewer. D. Create a user-defined Data Collector Set. Answer: A Explanation: Chapter 8 Lesson 1 p 302 - 305 A. Configure event subscriptions. Event Viewer enables you to view events on a single remote computer. However, troubleshooting an issue might require you to examine a set of events stored in multiple logs on multiple computers. Windows 7 includes the ability to collect copies of events from multiple remote computers and store them locally. To specify which events to collect, you create an event subscription. Among other details, the subscription specifies exactly which events will be collected and in which log they will be stored locally. Once a subscription is active and events are being collected, you can view and manipulate these forwarded events as you would any other locally stored events. B. Configure the Advanced Audit Policy Configuration settings. http://technet.microsoft.com/en-us/library/dd408940(WS.10).aspx C. Create a custom view in Event Viewer. You can create a filter that includes events from multiple event logs that satisfy specified criteria. You can then name and save that filter as a custom view. To apply the filter associated with a saved custom view, you navigate to the custom view in the console tree and click its name. D. Create a user-defined Data Collector Set. You can create a custom Data Collector Set containing performance counters and configure alert activities based on the performance counters exceeding or dropping below limits you define. After creating the Data Collector Set, you must configure the actions the system will take when the alert criteria are met. Membership in the local Performance Log Users or Administrators group, or equivalent, is the minimum required to complete these procedures. http://www.youtube.com/watch?v=4xxKPgT5irU http://www.youtube.com/watch?v=fKelHBve57k QUESTION NO: 3 The help desk reports that users in the Marketing OU print draft documents, e-mails, and other miscellaneous documents on Printer2. You need to recommend a solution so that marketing users print documents to Printer1 by default. What should you do? A. Enable printer pooling. B. Configure Group Policy Preferences. C. Modify the priorities of the shared printers. D. Modify the permissions of the shared printers. Answer: B Explanation: http://technet.microsoft.com/en-us/library/cc732092.aspx Action: This type of preference item provides a choice of four actions: Create, Replace, Update, and Delete. The behavior of the preference item varies with the action selected and whether the printer connection already exists. Set this printer as the default printer - Select this check box to make the shared printer connection the default Windows printer for the current user. Only if a local printer is not present - Select this check box to bypass changing the default printer if there is a local printer configured on the computer. This setting is unavailable until you select the Set this printer as the default printer check box. Note: A local printer is any printer that is not connected to a shared network printer. This includes physical printers connected to parallel, serial, and USB ports, TCP/IP printers, and virtual printers installed through software. To create a new Shared Printer preference item Open the Group Policy Management Console. Right-click the Group Policy object (GPO) that should contain the new preference item, and then click Edit. In the console tree under User Configuration, expand the Preferences folder, and then expand the Control Panel Settings folder. Right-click the Printers node, point to New, and select Shared Printer. In the New Shared Printer Properties dialog box, select an Action for Group Policy to perform. Enter shared printer settings for Group Policy to configure or remove. Click the Common tab, configure any options, and then type your comments in the Description box. Click OK. The new preference item appears in the details pane. QUESTION NO: 4 The Office1 network link is brought offline for emergency maintenance. Users in Office2 and Office3 report that they cannot connect to the wireless network. You need to recommend changes to ensure that users in all offices can connect to the wireless network if a WAN link fails. What should you recommend? A. that redundant DHCP scopes be created B. that additional RADIUS servers be deployed C. that universal group caching be implemented D. that additional default gateways be configured Answer: B Explanation: QUESTION NO: 5 The company purchases 500 USB flash drives from a new hardware vendor and distributes them to the users. The help desk reports that the users are unable to access the new USB flash drives. You need to ensure that users can save data on the USB flash drives. What should you do? A. Instruct the help desk to modify the BitLocker settings. B. Instruct the help desk to modify the Windows Defender settings. C. Request that an administrator modify the driver signing policy. D. Request that an administrator modify the device installation restriction policy. Answer: D Explanation: Open Group Policy Management and edit the applicable GPO in your Active Directory. Disable autorun: Computer Configuration \ Administrative Templates \ Windows Components \ AutoPlay Policies Turn off Autoplay: Enabled Limit to approved devices: Computer Configuration \ Administrative Templates \ System > Device Installation \ Device Installation Restrictions Allow installation of devices that match any of these device IDs: (add the corporate device) Prevent installation of devices not described by other policy settings: Enabled Topic 2, City Power & Light Scenario: You are an enterprise desktop support technician for City Power & Light. City Power & Light is a utility company. The company has a main office and a branch office. The - - - main office is located in Toronto. The branch office is located in Boston. The main office has 1,000 employees. The branch office has 10 employees. Active Directory Configuration The network contains a single Active Directory domain named cpandl.com. The functional level of the forest is Windows Server 2008 R2. Server Configuration All servers run Windows Server 2008 R2. The relevant servers in the main office are configured as shown in the following table. All computers in the main office are configured to use DHCP. All computers in the branch office are configured to use static IP addresses. User Information All user accounts are standard user accounts. All client computers run Windows 7 Enterprise. Each portable computer has a PPT P-based VPN connection to the internal network. Corporate Security Guidelines - - - - - - All users must be granted the least privileges possible. All locally stored documents must be encrypted by using Encrypting File System (EFS). The hard disk drives on all port able computers must be encrypted by using Windows BitLocker Drive Encryption (BitLocker). All encryption certificates must be stored on smart cards. QUESTION NO: 6 The company is deploying a new application. When users attempt to install the application, they receive an error message indicating that they need administrative privileges to install it. You need to recommend a solution to ensure that users can install the application. The solution must adhere to the corporate security guidelines. What should you recommend? A. Publish the application by using a Group Policy. B. Disable User Account Control (UAC) by using a Group Policy. C. Add all domain users to the local Power Users group by using Restricted Groups. D. Add the current users to the local Administrators group by using Group Policy preferences. Answer: A Explanation: http://magalan.co.uk/install_software_via_group_policy.html QUESTION NO: 7 Several mobile users access the Internet by using cellular connections. The help desk reports a high volume of calls from mobile users who report the following connection problems: When their cellular connections fail, their VPN connections also fail. When their cellular connections are reestablished, they must manually connect to the VPN server. You need to recommend a solution to ensure that the VPN connections are automatically reestablished. What should you recommend? A. Implement an IKEv2 VPN. B. Implement an SSTP-based VPN. C. Configure credential roaming. D. Configure a Kerberos user ticket lifetime. Answer: A Explanation: Chapter 6 Lesson 1 p 232 - 233 Internet Key Exchange version 2 (IKEv2) support was added in Windows Server2008R2 and Windows7 to accommodate a new VPN type that supports VPN Reconnect. VPN Reconnect refers to the ability of a VPN connection to survive short interruptions in network connectivity, such as when you move from one wireless access point to another, or when you switch from a wired to a wireless network adapter. By taking advantage of features in IKEv2, even changes in IP address at the client do not drop the VPN connection or require any user actions. As soon as connectivity to the RRAS VPN server is restored, then the VPN tunnel is automatically reestablished. QUESTION NO: 8 Five users from the main office travel to the branch office. The users bring their portable computers. The help desk reports that the users are unable to access any network resources from the branch office. Branch office users can access the network resources. You need to ensure that the main office users can access all network resources by using their portable computers in the branch office. The solution must adhere to the corporate security guidelines. What should you instruct the help desk to do on the portable computers? A. Create a new VPN connection. B. Add the users to the local Administrators group. C. Add the users to the Network Configuration Operators group. D. Configure the alternate configuration for the local area connection. Answer: D Explanation:QUESTION NO: 9 Users report that their DirectAccess connections fail. You instruct the help desk to tell the users to run the Connection to a Workplace Using DirectAccess troubleshooter. The help desk reports that the Connection to a Workplace Using DirectAccess troubleshooter fails to function. You need to ensure that the Connection to a Workplace Using DirectAccess troubleshooter functions properly. What should you do? A. Instruct the help desk to enable IPv6 on the users' computers. B. Instruct the help desk to modify the users' Windows Firewall settings. C. Request that the domain administrator configure the Teredo State Group Policy setting. D. Request that the domain administrator configure the Corporate Website Probe URL Group Policy setting. Answer: D Explanation: Troubleshooting item in Control Panel To focus troubleshooting on DirectAccess and collect additional information, you can use the Connection to a Workplace Using DirectAccess troubleshooter in the Troubleshooting item of Control Panel. To start the DirectAccess troubleshooter: Click Start, and then click Control Panel. In System and Security, click Find and fix problems. Click Network and Internet, and then click Connection to a Workplace Using DirectAccess. Note: For this troubleshooting tool to work correctly, you must configure the Computer Configuration/ Policies/Administrative Templates/Network/Network Connectivity Status Indicator/Corporate Website Probe URL Group Policy setting in the Group Policy object for DirectAccess clients. http://technet.microsoft.com/en-us/library/ee624046(WS.10).aspx QUESTION NO: 10 The company implements a data recovery agent (DRA) for Bitlocker. A portable computer fails. The help desk reports that it is unable to use the DRA to recover the data from the computer's hard disk drive. You need to ensure that the DRA can be used to recover data from the hard disk drives of all portable computers. Which tool should you use? A. CertUtil.exe B. Cipher.exe C. Manage-bde.exe D. SDelete.exe Answer: C Explanation: http://technet.microsoft.com/en-us/library/dd875513(WS.10).aspx Topic 3, A. Datum Corporation Scenario: You are an enterprise desktop support technician for A. Datum Corporation. Active Directory Configuration The company has three offices. The offices are configured as shown in the following table. The network contains a single Active Directory domain named adatum.com. Two Group Policy objects (GPOs) are configured as shown in the following table. The relevant servers in the main office are configured as shown in the following table. - - - - - - - Wireless Network A wireless network is implemented in the main office. The wireless network is configured to use WPA2-Enterprise security. Client Configuration All client computers run Windows 7 Enterprise and are configured to use DHCP. Windows Firewall is disabled on all client computers. All computers in the research department have Windows XP Mode and Windows Virtual PC installed. You deploy a custom Windows XP Mode image to the research department computers. An application named App1 is installed in the image. Each research department computer has the following hardware: 4 GB of RAM Intel Core i7 processor 500 -GB hard disk drive Corporate Security Policy The corporate security policy includes the following requirements: Users without domain accounts must be denied access to internal servers. All connections to the company's wireless access points must be encrypted. Only employees can be configured to have user accounts in the Active Directory domain. The hard disk drives on all portable computers must be encrypted by using Windows BitLocker Drive Encryption (BitLocker). QUESTION NO: 11 Users in the research department report that they cannot run App1 or Windows XP Mode. You need to ensure that all research department users can run App1. You need to achieve this goal by using the minimum amount of administrative effort. What should you do? A. Approve all Windows 7 updates on WSUS1. B. Enable hardware virtualization on the research department computers. C. Give each member of the research department a computer that has an Intel Core i5 processor. D. Request that a domain administrator create a GPO that configures the Windows Remote Management (WinRM) settings. Answer: B Explanation: Chapter 9 Lesson 2 p 361 Chapter 1 p 29 – 36 Using WindowsXP Mode, you can run programs that were designed for WindowsXP on computers running: Windows7 Professional, Enterprise, or Ultimate editions. Requirements: Download and install Windows Virtual PC Download and install Wind0ws XP Mode CPU with Intel-VT or AMD-V technology enabled in the BIOS - hardware virtualization QUESTION NO: 12 Users in branch office 1 report that they fail to access the company's intranet Web site located on Web1. They also fail to access Web sites on the Internet. A desktop support technician restarts a desktop computer in branch office 1 and discovers the IP configuration shown in the following screenshot. You need to resolve the network connectivity issue. What are two possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose two.) A. Instruct branch office 1 users to disable IPv6. B. Instruct branch office 1 users to run Ipconfig /Renew. C. Request that a network administrator configure the DHCP router option for branch office 1. D. Request that a network administrator verify DHCP broadcasts are being relayed to the main office. Answer: B,D Explanation: Chapter 2 Lesson 1 p 68 Chapter 25 p 1218 Chapter 31 p 1562 QUESTION NO: 13 Datum hires several consultants to work at the main office for six months. The consultants require Internet access. The help desk reports that the consultants cannot access the company's wireless network. You need to ensure that the consultants have wireless access to the Internet. The solution must adhere to the corporate security policy. What should you request? A. that a wireless access key be given to each consultant B. that a user certificate be generated and imported to each consultant's computer C. that a computer certificate be generated and imported to each consultant's computer D. that a network administrator install a wireless access point that is connected directly to the Internet Answer: D Explanation: answer is D. because of the "users without domain accounts" policy. Chapter 2 Lesson 3 p 89 QUESTION NO: 14 The motherboard on a portable computer fails. The data on the computer's hard disk drive cannot be recovered. You need to recommend a solution to ensure that the data on hard disks can be recovered if the motherboard on other portable computers fail Which two configurations should you recommend? (Each correct answer presents part of the solution. Choose two.) A. Disable BitLocker on all portable computers. B. Convert the hard disks on all portable computers to dynamic disks. C. Export and securely store the computer certificates on all portable computers. D. Configure the BitLocker settings on all portable computers by using Group Policy. Answer: A,D Explanation: QUESTION NO: 15 The help desk reports that several client computers in branch office 1 are missing security updates. You need to identify which security updates are missing. What should you request? A. that a WSUS administrator generate a Computer Report from WSUS1 B. that a domain administrator run the Microsoft Baseline Security Analyzer (MBSA) C. that a desktop support technician run a Windows Defender scan on each computer D. that a desktop support technician generate a System Configuration report for each computer Answer: B Explanation: Microsoft Baseline Security Analyzer (MBSA): to detect common security miss-configurations and missing security updates on your computer systems. Topic 4, Margie's Travel Scenario: You are an enterprise desktop support technician for Margie's Travel. Margie's Travel is a company that specializes in booking travel for large corporations. The company has a main office in New York and operates a call center in New York and a call center in Los Angeles. The company has 1,000 employees. Active Directory Configuration The network contains an Active Directory forest named margiestravel.com. The functional level of the forest is Windows Server 2008 R2. The Active Directory sites are configured as shown in the following table. All sites connect to each other by using high-speed WAN links. Server Configuration The relevant servers are configured as shown in the following table. Security Configuration The relevant security settings for the domain are configured as shown in the following table. The relevant network policies on the NPS servers and the RRAS servers are configured as shown in the following table. User Information All client computers run Windows 7 Professional. Sales staff is located in the main office and uses portable computers. All portable computers are members of the MargiesTravel\Wireless group. Application Configuration Call center staff uses a custom application to book airline tickets. The application is packaged as an MSI file and is signed by using a code signing certificate that was issued by CA3. The application is published by using Group Policies. QUESTION NO: 16 The company hires an additional 100 users. The users are unable to install the custom application. You need to ensure that the users can install the custom application. What should you do? A. Disable User Account Control (UAC). B. Add the users to the local Administrators group. C. Request that the application package be re-signed. D. Request that the user certificates be issued to the new users. Answer: C Explanation: QUESTION NO: 17 You deploy Microsoft Office 2007 to a pilot group in the main office. Users in the pilot group report that all of the Office 2007 applications run successfully. You deploy Office 2007 to users in the New York call center. The call center users report that they are unable to launch the Office 2007 applications. You need to ensure that the call center users can run all of the Office 2007 applications. What should you do? A. Modify the AppLocker rule. B. Disable User Account Control (UAC). C. Deploy the 2007 Office system Administrative Template files. D. Configure the Office 2007 applications to run in Windows Vista compatibility mode. Answer: A Explanation: QUESTION NO: 18 At 08:00 on a Tuesday morning, an administrator in Site 3 takes DC3 offline to update the server. Users in Site 3 report that they cannot log on to their computers. The users receive the following error message: "Your account has time restrictions that prevent you from logging on at this time. Please try again later." You need to ensure that all users can log on to their computers when DC3 is offline for maintenance. Your solution must adhere to the corporate security policies. What should you do? A. Modify the logon hours for all users in Site 3. B. Change the time zone settings for all client computers in Site 3 to UTC-05:00. C. Request that a second domain controller be deployed in Site 3. D. Request that the time zone settings for DC1 and DC2 be changed to UTC-08:00. Answer: C Explanation: QUESTION NO: 19 You have two external consultants. The consultants use their own personal portable computers. The consultants report that they are unable to connect to your wireless network. You need to give the consultants wireless access to the Internet. The solution must prevent external consultants from accessing internal resources. What should you do? A. Issue a user certificate to the consultants. B. Issue a computer certificate to the consultants. C. Join both portable computers to the domain. Add the computer accounts to the MargiesTravel\Wireless group. D. Create a domain user account for each consultant. Add the user accounts to the MargiesTravel\Wireless group. Answer: B Explanation: QUESTION NO: 20 Users access a third-party Web site. The Web site is updated to use Microsoft Silverlight. After the update, the help desk receives a high volume of phone calls from users who report that the Web site fails to function. You need to ensure that the Web site functions properly for the users. What should you do? A. Modify the Windows Internet Explorer AJAX settings by using a Group Policy object (GPO). B. Modify the Windows Internet Explorer add-ons settings by using a Group Policy object (GPO). C. Add the Web site to the Windows Internet Explorer Restricted sites by using a Group Policy object (GPO). D. Add the Web site to the Windows Internet Explorer Compatibility View list by using a Group Policy object (GPO). Answer: B Explanation:

Write a review

Note: HTML is not translated!
    Bad           Good
Captcha
  • Vendor: Microsoft
  • Exam Code: 70-685
  • Total Questions: 191
  • Update Time: 2017-10-30
  • Availability: In Stock
  • $39.00

Available Formats

Tags: pro:, windows, enterprise, desktop, support, technician, mcitp:, 70-685 microsoft