70-744 Exam Details

  • Exam Code
    :70-744
  • Exam Name
    :Securing Windows Server 2016
  • Certification
    :Microsoft Certifications
  • Vendor
    :Microsoft
  • Total Questions
    :258 Q&As
  • Last Updated
    :Feb 16, 2021

Microsoft 70-744 Online Questions & Answers

  • Question 101:

    You have a server named Server1 that runs Windows Server 2016.

    You need to identify whether any inbound rules on Server1 require that users be authenticated before they can connect to the server.

    Which cmdlet should you use?

    A. Get-NetIPSecRule
    B. Get-NetFirewallRule
    C. Get-NetFirewallProfile
    D. Get-NetFirewallSetting
    E. Get-NetFirewallPortFilter
    F. Get-NetFirewallAddressFilter
    G. Get-NetFirewallApplicationFilter

  • Question 102:

    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while

    others might not have a correct solution.

    After you answer a question in this sections, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    Your network contains an Active Directory domain named contoso.com. The domain contains multiple Hyper-V hosts.

    You need to deploy several critical line-of-business applications to the network to meet the following requirements:

    1.

    The resources of the applications must be isolated from the physical host.

    2.

    Each application must be prevented from accessing the resources of the other applications.

    3.

    The configurations of the applications must be accessible only from the operating system that hosts the application.

    Solution: You deploy a separate Windows container for each application.

    Does this meet the goal?

    A. Yes
    B. No

  • Question 103:

    Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is

    exactly the same in each question in this series.

    Start of repeated scenario.

    Your company has a marketing department.

    The network contains an Active Directory domain named constoso.com. The domain contains the servers configured as shown in the following table.

    All servers run Windows Server 2016. All client computers run Windows 10 and are domain members. All laptops are protected by using BitLocker Drive Encryption (BitLocker).

    You have an organizational unit (OU) named OU1 that contains the computer accounts of application servers. An OU named OU2 contains the computer accounts of the computers in the marketing department. A Group Policy object (GPO)

    named GP1 is linked to OU1. A GPO named GP2 is linked to OU2.

    All computers receive updates from Server1. You create an update rule named Update1.

    End of repeated scenario.

    You need to ensure that you can view Windows PowerShell code that was generated dynamically and executed on the computers in OU1.

    What should you configure in GP1?

    A. Object Access/Audit Application Generated from the advanced audit policy
    B. Turn on PowerShell Script Block Logging from the PowerShell settings
    C. Turn on Module Logging from the PowerShell settings
    D. Object Access/Audit Other Object Access Events from the advanced audit policy

  • Question 104:

    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while

    others might not have a correct solution.

    After you answer a question in this sections, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    Your network contains an Active Directory domain named contoso.com. The domain contains multiple Hyper-V hosts.

    You need to deploy several critical line-of-business applications to the network to meet the following requirements:

    1.

    The resources of the applications must be isolated from the physical host.

    2.

    Each application must be prevented from accessing the resources of the other applications.

    3.

    The configurations of the applications must be accessible only from the operating system that hosts the application.

    Solution: You deploy a separate Hyper-V container for each application.

    Does this meet the goal?

    A. Yes
    B. No

  • Question 105:

    Your network contains an Active Directory domain named contoso.com.

    The domain contains two servers named Server1 and Server2 that run Windows Server 2016.

    You need to install Microsoft Advanced Threat Analytics (ATA) on Server1 and Server2.

    Which four actions should you perform in sequence?

    Select and Place:

  • Question 106:

    You plan to enable Credential Guard on four servers. Credential Guard secrets will be bound to the TPM.

    The servers run Windows Server 2016 and are configured as shown in the following table.

    You need to identify which server you must modify to support the planned implementation. Which server should you identify?

    A. Server1
    B. Server2
    C. Server3
    D. Server4

  • Question 107:

    The network contains an Active Directory domain named constoso.com. The domain contains the servers configured as shown in the following table.

    All servers run Windows Server 2016. All client computers run Windows 10 and are domain members.

    All laptops are protected by using BitLocker Drive Encryption (BitLocker).You have an organizational unit (OU) named OU1 that contains the computer accounts of application servers.

    An OU named OU2 contains the computer accounts of the computers in the marketing department.

    A Group Policy object (GPO) named GP1 is linked to OU1.

    A GPO named GP2 is linked to OU2.

    All computers receive updates from Server1.

    You create an update rule named Update1.

    You need to create a Role Capability file on Server3. Which file should you create?

    A. File1.xml
    B. File1.ini
    C. File1.ps1
    D. File1.psrc

  • Question 108:

    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while

    others might not have a correct solution.

    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    Your network contains an Active Directory domain named contoso.com. The domain contains multiple Hyper-V hosts.

    You need to deploy several critical line-of-business applications to the network to meet the following requirements:

    1.

    The resources of the applications must be isolated from the physical host.

    2.

    Each application must be prevented from accessing the resources of the other applications.

    3.

    The configurations of the applications must be accessible only from the operating system that hosts the application.

    Solution: You deploy one Hyper-V container to host all of the applications.

    Does this meet the goal?

    A. Yes
    B. No

  • Question 109:

    Note: This question is part of a series of questions that use the same or similar answer choices. An answer choice may be correct for more than one question in the series. Each question is independent of the other questions in this series.

    Information and details provided in a question apply only to that question.

    You have a server named Server1 that runs Windows Server 2016.

    You need to identify whether any connection security rules are configured on Server1.

    Which cmdlet should you use?

    A. Get-NetIPSecRule
    B. Get-NetFirewallRule
    C. Get-NetFirewallProfile
    D. Get-NetFirewallSetting
    E. Get-NetFirewallPortFilter
    F. Get-NetFirewallAddressFilter
    G. Get-NetFirewallSecurityFilter
    H. Get-NetFirewallApplicationFilter

  • Question 110:

    A shielding data file (also called a provisioning data file or PDK file) is an encrypted file that a tenant or VM owner creates to protect important VM configuration information. A fabric administrator uses the shielding data file when creating a shielded VM, but is unable to view or use the information contained in the file.

    Which information can be stored in the shielding data file?

    A. Administrator credentials
    B. All of these
    C. A Key Protector
    D. Unattend.xml

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Microsoft exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 70-744 exam preparations and Microsoft certification application, do not hesitate to visit our Vcedump.com to find your solutions here.