You need to deploy the baseline settings to Server2
Your network contains an Active Directory domain named contoso.com. All domain controllers run
Windows Server 2016. The domain contains a server named Serverl that has Microsoft Security
Compliance Manager (SCM) 4.0 installed. You export the baseline shown in the following exhibit.
You have a server named Server2 that is a member of a workgroup. You copy the (2617e9b1-
9672-492b-aefa-0505054848c2) folder to Server2. You need to deploy the baseline settings to
Server2. What should you do?
You need to log an event each time an Active Directory …
Your network contains an Active Directory domain named contoio.com. The domain contains a
server named Server1 that runs Windows Server 2016. You have an organizational unit (OU)
named Administration that contains the computer account of Server1. You import the Active
Directory module to Served1. You create a Group Policy object (GPO) named GPO1. You link
GPO1 to the Administration OU. You need to log an event each time an Active Directory cmdlet is
executed succesfully from Served. What should you do?
Does this meet the goal?
Note: This question is part of a series of questions that present the same scenario. Each
question in the series contains a unique solution that might meet the stated goals. Some
question sets might have more than one correct solution, while others might not have a
correct solution. After you answer a question in this section, you will NOT be able to return
to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain named contoso.com. All servers run Windows
Server 2016. All client computers run Windows 10. The relevant objects in the domain are
configured as shown in the following table.
You need to assign User1 the right to restore files and folders on Server1, and Server2.
Solution: You add User1 to the Backup Operators group in contoso.com.
Does this meet the goal?
Which Group Policy setting should you configure?
Note: This question is part of a series of questions that use the same scenario. For your
convenience, the scenario is repeated in each question. Each question presents a different
goal and answer choices, but the text of the scenario is exactly the same in each question
in this series.
Start of repeated scenario
Your network contains an Active Directory domain named contoso.com. The functional level of the
forest and the domain is Windows Server 2008 R2. The domain contains the servers configured as
shown in the following table.
All servers run Windows Server 2016. All client computers run Windows 10. You have an
organizational unit (OU) named Marketing that contains the computers in the marketing department.
You have an OU named Finance that contains the computers in the finance department. You have
an OU named AppServers that contains application servers. A Group Policy object (GPO) named
GP1 is linked to the Marketing OU. A GPO named GP2 is linked to the AppServers OU. You install
Windows Defender on Nano1.
End of repeated scenario
You plan to implement BitLocker Drive Encryption (BitLocker) on the operating system volumes of
the application servers. You need to ensure that the BitLocker recovery keys are stored in Active
Directory. Which Group Policy setting should you configure?
Does this meet the goal?
Note: This question is part of a series of questions that present the same scenario. Each
question in the series contains a unique solution that might meet the stated goals. Some
question sets might have more than one correct solution, while others might not have a
correct solution. After you answer a question in this section, you will NOT be able to rrturn
to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain named contoso.com. The domain contains
multiple Hyper-V hosts. You need to deploy several critical line-of-business applications to the
network to meet the following requirements:
– The resources of the applications must be isolated from the physical
host.
– Each application must be prevented from accessing the resources of the
other applications.
– The configurations of the applications must be accessible only from the
operating system that hosts the application.
Solution: You deploy one Windows container to host all of the applications.
Does this meet the goal?
Which audit policy setting should you configure in the GPO?
Your network contains an Active Directory domain named contoso.com. The domain contains five
file servers that run Windows Server 2016. You have an organizational unit (OU) named Finance
that contains all of the servers. You create a Group Policy object (GPO) and link the GPO to the
Finance OU. You need to ensure that when a user in the finance department deletes a file from a
file server, the event is logged. The solution must log only users who have a manager attribute of
Ben Smith. Which audit policy setting should you configure in the GPO?
Does this meet the goal?
Note: This question is part of a series of questions that present the same scenario. Each
question in the series contains a unique solution that might meet the stated goats. Some
question sets might have more than one correct solution, while others might not have a
correct solution. After you answer a question in this section, you will NOT be able to return
to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain named contoso.com. The domain contains a
computer named Computer1 that runs Windows 10. Computer1 connects to a home network and
a corporate network. The corporate network uses the 17216.0.0/24 address space internally.
Computerl runs an application named App1 that listens to port 8080. You need to prevent
connections to App1 when Computer1 is connected to the home network.
Solution: From Group Policy Management you create a software restriction policy.
Does this meet the goal?
Which tool should you use?
Note: This question is part of a series of questions that use the same or similar answer
choices. An answer choice may be correct for more than one question In the series. Each
question is independent of the other questions in this series. Information and details
provided in a question apply only to that question.
Vour network contains an Active Directory domain named contoso.com. The domain contains a
server named Server1 that runs Windows Server 2016 and a Nano Server named Nano1. Nano1
has two volumes named C and D. You are signed in to Server1. You need to configure Data
Deduplication on Nano1. Which tool should you use?
Which setting should you configure in the Computer Conf…
Note: This question is part of a series of questions that use the same scenario. For your
convenience, the scenario is repeated in each question. Each question presents a different
goal and answer choices, but the text of the scenario is exactly the same in each question
in this series.
Start of repeated scenario
Your network contains an Active Directory domain named contoso.com. The functional level of the
forest and the domain is Windows Server 2008 R2. The domain contains the servers configured as
shown in the following table.
All servers run Windows Server 2016. All client computers run Windows 10. You have an
organizational unit (OU) named Marketing that contains the computers in the marketing department.
You have an OU named Finance that contains the computers in the finance department. You have
an OU named AppServers that contains application servers. A Group Policy object (GPO) named
GP1 is linked to the Marketing OU. A GPO named GP2 is linked to the AppServers OU. You install
Windows Defender on Nano1.
End of repeated scenario
You need to ensure that the marketing department computers validate DNS responses from
adatum.com. Which setting should you configure in the Computer Configuration node of GP1?
Which cmdlet should you run?
Note: This question is part of a series of questions that use the same scenario. For your
convenience, the scenario is repeated in each question. Each question presents a different
goal and answer choices, but the text of the scenario is exactly the same in each question
in this series.
Start of repeated scenario
Your network contains an Active Directory domain named contoso.com. The functional level of the
forest and the domain is Windows Server 2008 R2. The domain contains the servers configured as
shown in the following table.
All servers run Windows Server 2016. All client computers run Windows 10. You have an
organizational unit (OU) named Marketing that contains the computers in the marketing department.
You have an OU named finance that contains the computers in the finance department. You have
an OU named AppServers that contains application servers. A Group Policy object (GPO) named
GP1 is linked to the Marketing OU. A GPO named GP2 is linked to the AppServers OU. You install
Windows Defender on Nano1.
End of repeated scenario
You need to exclude D:\\Folder1 on Nano1 from being scanned by Windows Defender. Which
cmdlet should you run?