[Pass4itsure Microsoft 70-744 Dumps OFFER From Google Drive]:
Pass4itsure Latest and Most Accurate Microsoft 70-744 Dumps Exam Q&As(1-7)
QUESTION 1
You plan to implement a guarded fabric in TPM-trusted attestation mode. The fabric will contain a three-node Host
Guardian Service (HGS) cluster and four guarded hosts.
All the hosts will have matching hardware and will run the same workload.
You need to add the hosts to the HGS cluster.
What is the minimum number of times you must run each cmdlet to implement the HGS cluster? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
QUESTION 2
Your network contains an Active Directory domain named contoso.com. The domain contains a DNS server named
Server1 that runs Windows Server 2016.
A domain-based Group Policy object (GPO) is used to configure the security policy of Server1.
You plan to use Security Compliance Manager (SCM) 4.0 to compare the security policy of Server1 to the WS2012 DNS
Server Security 1.0 baseline.
You need to import the security policy into SCM. What should you do first?
A. From Security Configuration and Analysis, use the Export Template option.
B. Run the Copy-GPO cmdlet and specify the -TargetName parameter.
C. Run the Backup-GPO cmdlet and specify the -Path parameter.
D. Run the secedit.exe command and specify the/export parameter.
Correct Answer: C
https://technet.microsoft.com/en-us/library/ee461052.aspx Backup-GPO cmdlet and specify the -Path parameter creates
a GPO backup folder with GUID name and issuitable to import to SCM 4.0
QUESTION 3
You have the servers configured as shown in the following table.
You purchase a Microsoft Azure subscription, and you create three Microsoft Operations Management Suite (OMS)
workspaces named Workspace1, Workspace2, and Workspace3 You need to deploy Microsoft Monitoring Agent to the
servers to meet the following requirements:
-Antimalware data from all the servers must be visible in Workspace1.
-Security and audit data from the domain controllers and the virtualization hosts must be visible in Workspace2.
-System update data from all the servers in all the workgroups must be visible in Workspaceand
How many OMS agents should you deploy?
A. 10
B. 33
C. 73
D. 45
Correct Answer: C
-Antimalware data from all the servers must be visible in Workspace1.-Security and audit data from the domain
controllers and the virtualization hosts must be visible in Workspace2.-System update data from all the servers in all the
workgroups must be visible in Workspaceand”All the servers” mean all 5 domain controllers, plus all member servers
(physical and virtual, domain andworkgroup) and virtualization hosts, so there are noexemptions.All servers in the above
table mentioned must install OMS Microsoft Monitoring agents
QUESTION 4
Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Server1 that runs Windows Server 2016.
You need to prevent NTLM authentication on Server1.
Solution: From Windows PowerShell, you run the New-ADAuthenticationPolicy cmdlet.
Does this meet the goal?
A. Yes
B. No
Correct Answer: B
ADDS Authentication Policy does not provide ability to prevent the use of NTLM authentication.
QUESTION 5
Your network contains an Active Directory domain.
Microsoft Advanced Threat Analytics (ATA) is deployed to the domain.
A database administrator named DBA1 suspects that her user account was compromised.
Which three events can you identify by using ATA? Each correct answer presents a complete solution.
A. Spam messages received by DBA1.
B. Phishing attempts that targeted DBA1
C. The last time DBA1 experienced a failed logon attempt
D. Domain computers into which DBA1 recently signed.
E. Servers that DBA1 recently accessed.
Correct Answer: CDE
https://docs.microsoft.com/en-us/advanced-threat-analytics/ata-threatsSuspicious authentication failures (Behavioral
brute force)Attackers attempt to use brute force on credentials to compromise accounts.ATA raises an alert when
abnormal failed authentication behavior is detected.Abnormal behaviorLateral movement is a technique often used by
attackers, to move between devices and areas in the victim\\’snetwork to gain access to privileged credentials
orsensitive information of interest to the attacker. ATA is able to detect lateral movement by analyzing thebehavior of
users, devices and their relationship inside thecorporate network, and detect on any abnormal access patterns which
may indicate a lateral movementperformed by an attacker. https://gallery.technet.microsoft.com/ATA-Playbookef0a8e38/view/ReviewsATA Suspicious Activity Playbook Page 35 Action: Attempt to authenticate to DC1
QUESTION 6
Your network contains an Active Directory domain named contoso.com. You plan to implement encryption on a file
server named Server1. Server1 has TPM 2.0 and uses Secure Boot Server1 has the volumes configured as shown in
the
following table.
You need to encrypt the contents of volumes C and G. The solution must use the highest level of security possible.
What should you use to encrypt the contents of each volume? To answer, drag the appropriate encryption options to the
correct volumes. Each encryption option may be used once, more than once, or not at all. You may need to drag the
split
bar between panes or scroll to view content.
Select and Place:
Correct Answer:
QUESTION 7
Your network contains an Active Directory domain named contoso.com.
The domain contains a computer named Computer1 that runs Windows 10.
Computer1 connects to a home network and a corporate network.
The corporate network uses the 172.16.0.0/24 address space internally.
Computer1 runs an application named App1 that listens to port 8080.
You need to ensure that App1.exe can accept connections only when Computer1 is connected to the corporate
network.
Solution: You run the command New-NetFirewallRule -DisplayName “Rule1” -Direction Inbound -Program
“D:\\Apps\\App1.exe” -Action Allow -Profile Domain
Does this meet the goal?
A. Yes
B. No
Correct Answer: A
Tested correct cmdlet, worked, and the profile “Domain” for corporate network is also correct.
Pass4itsure 12%
See What Our Customers Are Saying:
Youtube:
Pass4itsure Microsoft 70-744 dumps exam questions answers are updated (242 Q&As) are verified by experts. The associated certifications of https://www.pass4itsure.com/70-744.html dumps is Microsoft Service Provider.
No comments:
Post a Comment