You have a Hyper-V host named Hyper1 that has a virtual machine named FS1. FS1 is a file server that contains sensitive data. You need to secure FS1 to meet the following requirements:
1.
Prevent console access to FS1.
2.
Prevent data from being extracted from the VHDX file of FS1.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. Enable BitLocker Drive Encryption (BitLocker) for all the volumes on FS1Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while
others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contain an Active Directory domain named contoso.com. The domain contains a computer named Computer1 that runs Windows 10. Computer1 connects to a home network and a corporate network.
The corporate network uses the 172.16.0.0/24 address space internally.
Computer1 runs an application named App1 that listens to port 8080.
You need to prevent connections to App1 when Computer1 is connected to the home network.
Solution: From Windows Firewall with Advanced Security, you create an inbound rule.
Does this meet the goal?
A. YesHOTSPOT
Your network contains an Active Directory domain named contoso.com. The domain contains multiple servers that run multiple applications. Domain user accounts are used to authenticate access requests to the servers.
You plan to prevent NTLM from being used to authenticate to the servers.
You start to audit NTLM authentication events for the domain. You need to view all of the NTLM authentication events and to identify which applications authenticate by using NTLM.
On which computers should you review the event logs and which logs should you review? To answer, select the appropriate options in the answer area.
Hot Area:

You network contains an Active Directory forest named contoso.com.
All domain controllers run Windows Server 2016 Member servers run either Windows Server 2012 R2 or Windows Server 2016.
Client computers run either Windows 8.1 or Windows 10.
You need to ensure that when users access files in shared folders on the network, the files are encrypted when
they are transferred over the network.
Solution: You enable access-based enumeration on all the file shares. Does this meet the goal?
A. YesYou have a server named Server1 that runs Windows Server 2016.
You need to install Security Compliance Manager (SCM) 4.0 on Server1.
What should you install on Server1 first?
A. the .NET Framework 3.5 Features featureYour network contains an Active Directory domain named contoso.com.
The domain contains 10 computers that are in an organizational unit (OU) named OU1.
You deploy the Local Administrator Password Solution (LAPS) client to the computers.
You link a Group Policy object (GPO) named GPO1 to OU1, and you configure the LAPS password policy settings in GPO1.
You need to ensure that the administrator passwords on the computers in OU1 are managed by using LAPS.
Which two actions should you perform? Each correct answer presents part of the solution.
A. Restart the domain controller that hosts the PDC emulator role.Your network contains an Active Directory domain named contoso.com.The domain contains 1,000 client computers that run either Windows 8.1 or Windows 10.
You have a Windows Server Update Services (WSUS) deployment All client computers receive updates from WSUS.
You deploy a new WSUS server named WSUS2.
You need to configure all of the client computers that run Windows 10 to send WSUS reporting data to WSUS2.
What should you configure?
A. an approval ruleYou implement Log Analytics in Microsoft Operations Management Suite (OMS) on all servers that run Windows Server 2016.
You need to generate a daily report that identifies which servers restarted during the last 24 hours.
Which query should you use?
A. EventLog=Application EventId:6009 Type:Event TimeGenerated>NOW+24HOURSYou have a server named Server1 that runs Windows Server 2016. Server1 contains a folder named Folder1. Folder1 is shared as Share1.
You need to enable SMB encryption for Share1.
What should you do?
A. From Shared Folders, modify the Security settings of Share1HOTSPOT
Your network contains an Active Directory domain named adatum.com.
The domain contains a server named Server1 that runs Windows Server 2016. The domain contains two users named User1 and User2.
On Server1, you create two files named File1.doc and File2.doc in a folder named C:\Folder1.
The Audit Entry for File1.doc is configured as shown in the File1 exhibit. (Click the File1 tab.)

File2.doc has an empty auditing entry list.
The Auditing Entry for Global File SACL that applies to Server1 is configured as shown in the SACL exhibit. (Click the SACL tab.)

The Advanced Audit Policy Configuration for Server1 is configured as shown in the Audit Policy exhibit. (Click the Audit Policy tab.)

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Microsoft exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 70-744 exam preparations and Microsoft certification application, do not hesitate to visit our Vcedump.com to find your solutions here.