70-744 Exam Details

  • Exam Code
    :70-744
  • Exam Name
    :Securing Windows Server 2016
  • Certification
    :Microsoft Certifications
  • Vendor
    :Microsoft
  • Total Questions
    :258 Q&As
  • Last Updated
    :Feb 16, 2021

Microsoft 70-744 Online Questions & Answers

  • Question 251:

    DRAG DROP

    Your network contains an Active Directory domain. The domain contains a server named Server1.

    You install Advanced Threat Analytics (ATA) on Server1.

    You need to configure ATA to detect suspicious activities in the domain.

    Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

    Select and Place:

  • Question 252:

    Your network contains an Active Directory domain named contoso.com.

    You deploy a server named Server1 that runs Windows Server 2016. Server1 is in a workgroup.

    You need to collect the logs from Server1 by using Log Analytics in Microsoft Operations Management Suite (OMS).

    What should you do first?

    A. Join Server1 to the domain.
    B. Create a Data Collector Set.
    C. Install Microsoft Monitoring Agent on Server1.
    D. Create an event subscription.

  • Question 253:

    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    Your network contains an Active Directory domain named contoso.com. All client computers run Windows 10.

    You plan to deploy a Remote Desktop connection solution for the client computers.

    You have four available servers in the domain that can be configured as Remote Desktop servers. The servers are configured as shown in the following table.

    You need to ensure that alt Remote Desktop connections can be protected by using Remote Credential Guard. Solution: You deploy the Remote Desktop connection solution by using Server1. Does that meet the goal?

    A. Yes
    B. No

  • Question 254:

    HOTSPOT

    You plan to implement Windows Defender Device Guard in your datacenter.

    You build a model server that contains all the drivers and the software that you want to deploy and secure.

    You need to create a new policy to ensure that only whitelisted files can be loaded to the servers. The policy must be in enforcement mode.

    How should you complete the commands? To answer, select the appropriate options in the answer area.

    NOTE: Each correct selection is worth one point.

    Hot Area:

  • Question 255:

    DRAG DROP

    Your network contains an Active Directory domain named contoso.com. The domain contains a user named User1 and a computer named Computer1. Remote Server Administration Tools (RSAT) is installed on Computer1.

    You need to add User1 as a data recovery agent in the domain.

    Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

    Select and Place:

  • Question 256:

    Your network contains an Active Directory domain named contoso.com. The domain contains a server named Serve1, that runs Windows Server 2016.

    A technician is testing the deployment of Credential Guard on Server1.

    You need to verify whether Credential Guard is enabled on Server1.

    What should you do?

    A. From a command prompt fun the credwiz.exe command.
    B. From Task Manager, review the processes listed on the Details tab.
    C. From Server Manager, click Local Server, and review the properties of Server!
    D. From Windows PowerShell, run the Get-WsManCredSSP cmdlet.

  • Question 257:

    Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that has Microsoft Security Compliance Manager (SCM) 4.0 installed. The domain contains domain controllers that run

    Windows Server 2016.

    A Group Policy object (GPO) named GPO1 is applied to all of the domain controllers.

    GPO1 has a Globally Unique Identifier (GUID) of 7ABCDEFG-1234-5678-90AB-005056123456.

    You need to create a new baseline that contains the settings from GPO1. What should you do first?

    A. Copy the \\\\contoso.com\\sysvol\\contoso.com\\Policies\\{7ABCDEFG-1234-5678-90AB-005056123456} folder to Server1.
    B. From Group Policy Management, create a backup of GPO1.
    C. From Windows PowerShell, run the Copy-GPO cmdlet
    D. Modify the permissions of the \\\\contoso.com\\sysvol\\contoso.com\\Policies\\{7ABCDEFG-1234-5678-90AB-005056123456}

  • Question 258:

    Your network contains an Active Directory domain.

    You plan to run shielded virtual machines.

    You are implementing TPM attestation mode for a guarded fabric.

    You create a Code Integrity policy named Integrity1.xml.

    You need to ensure that you can apply the Code Integrity policy to Hyper-V hosts.

    Which cmdlet should you run?

    A. Add-SignerRule
    B. Add-HgsAttestationTpmHost
    C. Set-HVCIOptions
    D. ConvertFrom-CIPolicy

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Microsoft exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 70-744 exam preparations and Microsoft certification application, do not hesitate to visit our Vcedump.com to find your solutions here.