Test4actual Help You Pass Any IT Exams

Posted By admin on September 20, 2010

Because we updated the 70-685 at the first time, so many of our customers has been updated by the first time, and all passed the exam! Test4actual has been committed to one year of free updates. Changes in the 70-685 soon, resulting in lots of braindumps providers can not guarantee that update, but Test4actual will not happen, because test4actual own prometric system, so you can keep up to date! 70-685 is a very timely example of

 

 

70-685 DEMO :

 

1. All client computers on your company network run Windows 7 and are members of a Windows Server 2008 R2 domain. The R&D department staff are local administrators on their computers and are members of the R&D global security group.

A new version of a business software application is available on the network.

You plan to apply an AppLocker security policy to the R&D group.

You need to ensure that members of the R&D group are not allowed to upgrade the software.

What should you do?

A. Create an Audit only restriction based on the version of the software.

B. Create an Audit only restriction based on the publisher of the software.

C. Create an Enforce rule restriction based on the version of the software.

D. Create an Enforce rule restriction based on the publisher of the software.

Answer: C

 

2. All client computers on your company network run Windows 7 and are members of an Active Directory Domain Services domain.

AppLocker is configured to allow only approved applications to run.

Employees with standard user account permissions are able to run applications that install into the user profile folder.

You need to prevent standard users from running unauthorized applications.

What should you do?

A. Create Executable Rules by selecting the Create Default Rules option.

B. Create Windows Installer Rules by selecting the Create Default Rules option.

C. Create the following Windows Installer Rule:

Deny �C Everyone – %OSDRIVE%\Users\<user name>\Downloads\*

D. Create the following Executable Rule:

Deny – Everyone – %OSDRIVE%\Users\<user name>\Documents\*

Answer: A

 

3. All client computers on your company network were recently upgraded from Windows Vista to Windows 7.

Several employees use a scanner to import document images into a database. They install a new scanning application on their computers. The application updates the device driver for the scanners as part of the installation process.

Employees report that the application can no longer connect to the scanner.

You need to ensure that the employees can use the scanner.

What should you do?

A. Roll back the device driver to the previous version.

B. Reinstall the application in Windows Vista compatibility mode.

C. Set the application compatibility properties to run the application as an administrator.

D. Restart the computer by using the System Configuration tool to load only basic devices and services.

Answer: A

 

4. This question is the first in a series of questions that all present the same scenario.

For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.

Start of repeated scenario

You are an enterprise desktop support technician for Consolidated Messenger.

Network Configuration

The company has three offices named Office1, Office2, and Office3. The offices connect to each other over the Internet by using VPN connections. Each office has an 802.11g wireless access point. All wireless access points are configured to use Radius01 for authentication.

Active Directory Configuration

The network contains one Active Directory domain named consolidatedmessenger.com. The relevant organizational unit structure is shown in the following diagram.

The relevant Group Policy objects (GPOs) in the domain are configured as shown in the following table.

Group Policy name	Linked to OU
Desktops	Desktops
Laptops	Laptop
ServerComputers	Servers
AllComputers	CorpComputers
AllUsers	UserAccounts

Applications

The relevant applications on the network are shown in the following table.

Application name	Type	Description
FinanceApp1	Windows Application	A financial analysis application that is used by the finance users.
ERPApp1	Windows Application	A new ERP application that is deployed in a pilot project.

Server Configuration

The relevant servers are configured as shown in the following table.

Server name	Server role(s)	Office
DC01	Domain controller, DNS	Office1
DC02	Domain controller, DNS	Office1
File01	File server, DHCP	Office1
Radius01	Network Policy Server (NPS)	Office1
DC03	Domain controller, DNS, DHCP	Office2
DC04	Domain controller, DNS, DHCP	Office3

Client Configuration

Each office has 500 desktop computers that run Windows 7 Enterprise.

There are 250 mobile users that travel regularly between all three offices. The mobile users have laptop computers that run Windows 7 Enterprise.

To prevent the spread of malware, the company restricts the use of USB devices and only allows the use of approved USB storage devices.

Printers

The marketing group has several printers that are shared on File01. A shared printer name Printer1 is a high-performance, black-and-white printer. A shared printer named Printer2 is a high-definition, photo-quality, color printer. Printer2 should only be used to print marketing brochures.

End of repeated scenario

The chief financial officer (CFO) releases new guidelines that specify that only users from finance are allowed to run FinanceApp1.

Users in the Marketing OU report that they can run FinanceApp1.

You need to ensure that only users in the Finance OU can run FinanceApp1.

What should you do?

A. In the AllComputers GPO, create a new AppLocker executable rule.

B. In the Desktops GPO and the Laptops GPO, create a new Windows Installer rule.

C. In the AllComputers GPO, create a software restriction policy and define a new hash rule.

D. In the Desktops GPO and the Laptops GPO, create a software restriction policy and define a new path rule.

Answer: A

 

5. This question is the first in a series of questions that all present the same scenario.

For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.

Start of repeated scenario

You are an enterprise desktop support technician for City Power & Light.

City Power & Light is a utility company. The company has a main office and a branch office. The main office is located in Toronto. The branch office is located in Boston. The main office has 1,000 employees. The branch office has 10 employees.

Active Directory Configuration

The network contains a single Active Directory domain named cpandl.com. The functional level of the forest is Windows Server 2008 R2.

Server Configuration

All servers run Windows Server 2008 R2. The relevant servers in the main office are configured as shown in the following table.

Server name	Role	IP address
DC1	Global catalog, DNS server	192.168.1.5
DC2	Global catalog, DNS server	192.168.2.2
DC3	Global catalog, DNS server	192.168.3.2
DC4	Global catalog, DNS server	192.168.4.2
CA1	Enterprise root certification authority (CA)	192.168.1.4
Server1	File and Print Server, DHCP server, VPN server	192.168.1.3
Server2	File and Print Server, VPN server	192.168.2.3
Server3	File and Print Server	192.168.3.3
Server4	DirectAccess server	192.168.1.7

All computers in the main office are configured to use DHCP. All computers in the branch office are configured to use static IP addresses.

User Information

• ·All user accounts are standard user accounts.
• ·All client computers run Windows 7 Enterprise.
• ·Each portable computer has a PPTP-based VPN connection to the internal network.

Corporate Security Guidelines

• ·All users must be granted the least privileges possible.
• ·All locally stored documents must be encrypted by using Encrypting File System (EFS).
• ·The hard disk drives on all portable computers must be encrypted by using Windows BitLocker Drive Encryption (BitLocker).
• ·All encryption certificates must be stored on smart cards.

End of repeated scenario

The company is deploying a new application.

When users attempt to install the application, they receive an error message indicating that they need administrative privileges to install it.

You need to recommend a solution to ensure that users can install the application. The solution must adhere to the corporate security guidelines.

What should you recommend?

A. Publish the application by using a Group Policy.

B. Disable User Account Control (UAC) by using a Group Policy.

C. Add all domain users to the local Power Users group by using Restricted Groups.

D. Add the current users to the local Administrators group by using Group Policy preferences.

Answer: A

 

6. This question is the first in a series of questions that all present the same scenario.

For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.

Start of repeated scenario

You are an enterprise desktop support technician for A. Datum Corporation.

Active Directory Configuration

The company has three offices. The offices are configured as shown in the following table.

Office	Organizational unit (OU)	Active Directory site	Number of users
Main office	MainOffice	Main office site	1,200
Branch office 1	BranchOffice1	Branch 1 site	500
Branch office 2	BranchOffice2	Branch 2 site	400

The network contains a single Active Directory domain named adatum.com. Two Group Policy objects (GPOs) are configured as shown in the following table.

GPO name	Links	Configuration
Software Updates	MainOffice OU	Configures computers that run Windows 7 in the main office to use a server named WSUS1 for Windows Updates
Certificate Enrollment	adatum.com domain	Enables autoenrollment for computer certificates

Servers

The relevant servers in the main office are configured as shown in the following table.

Server name	Role
DC1	Domain controller, DNS server
DC2	Domain controller, DNS server
DHCP1	DHCP server
WSUS1	Windows Server Update Services (WSUS) server
Web1	Web server
CA1	Enterprise root certification authority (CA)
NPS1	Network Policy Server(NPS)

Wireless Network

A wireless network is implemented in the main office. The wireless network is configured to use WPA2-Enterprise security.

Client Configuration

All client computers run Windows 7 Enterprise and are configured to use DHCP. Windows Firewall is disabled on all client computers.

All computers in the research department have Windows XP Mode and Windows Virtual PC installed. You deploy a custom Windows XP Mode image to the research department computers. An application named App1 is installed in the image.

Each research department computer has the following hardware:

• ·4 GB of RAM
• ·Intel Core i7 processor
• ·500-GB hard disk drive

Corporate Security Policy

The corporate security policy includes the following requirements:

• ·Users without domain accounts must be denied access to internal servers.
• ·All connections to the company��s wireless access points must be encrypted.
• ·Only employees can be configured to have user accounts in the Active Directory domain.
• ·The hard disk drives on all portable computers must be encrypted by using Windows BitLocker Drive Encryption (BitLocker).

End of repeated scenario

Users in the research department report that they cannot run App1 or Windows XP Mode.

You need to ensure that all research department users can run App1. You need to achieve this goal by using the minimum amount of administrative effort.

What should you do?

A. Approve all Windows 7 updates on WSUS1.

B. Enable hardware virtualization on the research department computers.

C. Give each member of the research department a computer that has an Intel Core i5 processor.

D. Request that a domain administrator create a GPO that configures the Windows Remote Management (WinRM) settings.

Answer: B

Categories: Microsoft
Tags: 70-685