Your network contains several Windows container hosts..
You plan to deploy three custom .NET applications.
You need to recommend a deployment solution for the applications.
Each application must:
-be accessible by using a different IP address.
-have access to a unique file system.
-start as quickly as possible.
What should you recommend? Choose Two.

Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Server1 that runs Windows Server 2016.
The services on Server1 are shown in the following output:

Server1 has AppLocker rules configured as shown in follow:

Rule1 and Rule2 are configured as shown in follow:

Which of the following statements are true? Choose Three.

You plan to enable Credential Guard on four servers. Credential Guard secrets will be bound to the TPM.
The servers run Windows Server 2016 and are configured as shown in the following table

Which of the above server you could enable Credential Guard?

Your network contains an Active Directory domain named contoso.com.
You have an organizational unit (OU) named Secure that contains all servers.
You install Microsoft Security Compliance Manager (SCM) 4.0 on a server named Server1.
You need to export the SCM Print Server Security baseline and to deploy the baseline to a server named
Server2.
What should you do? Choose Two.

Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Server1 that runs Windows Server 2016.
The hardware configuration on Server1 meets the requirements for Credential Guard.
You need to enable Credential Guard on Server. What should you do? Choose Two.

Your network contains an Active Directory domain named contoso.com.
You install the Windows Server Update Services server role on a member server named Server1. Server1 runs
Windows Server 2016.
You need to ensure that a user named User1 can perform the following tasks:
-View the Windows Server Update Services (WSUS) configuration.
-Generate WSUS update reports.
The solution must use the principle of least privilege. What should you do on Server1?

You have a server named Server1 that runs Windows Server 2016. Server1 has the Windows Server Update
Services server role installed.
Windows Server Update Services (WSUS) updates for Server1 are stored on a volume named D. The hard
disk that contains volume D fails.
You replace the hard disk. You recreate volume D and the WSUS folder hierarchy in the volume.
You need to ensure that the updates listed in the WSUS console are available in the WSUS folder. What
should you run?

Your network contains an Active Directory domain named contoso.com. The domain contains 1,000 client
computers that run Windows 10.
A security audit reveals that the network recently experienced a Pass-the-Hash attack.
The attack was initiated from a client computer and accessed Active Directory objects restricted to the
members of the Domain Admins group.
You need to minimize the impact of another successful Pass-the-Hash attack on the domain. What should you
recommend?

Your network contains an Active Directory domain named contoso.com.
The domain contains four global groups named Group].., Group2, Group3, and Group4.A user named User1 is a member of Group3.
You have an organizational unit (OU) named OU1 that contains computer accounts.
A Group Policy object (GPO) named GPO1 is linked to OU1. OU1 contains a computer account named
Computer1.
GPO1 has the User Rights Assignment configured as shown in the following table:

You need to ensure that User1 can access the shares on Computer1. What should you do?

Your network contains an Active Directory domain named contoso.com.
The domain contains a member server named Servers that runs Windows Server 2016.
You need to configure Servers as a Just Enough Administration (JEA) endpoint.
Which two actions should you perform? Each correct answer presents part of the solution.