70-744 Exam Details

  • Exam Code
    :70-744
  • Exam Name
    :Securing Windows Server 2016
  • Certification
    :Microsoft Certifications
  • Vendor
    :Microsoft
  • Total Questions
    :258 Q&As
  • Last Updated
    :Feb 16, 2021

Microsoft 70-744 Online Questions & Answers

  • Question 41:

    Your network contains an Active Directory forest named conloso.com.

    The network is connected to the Internet.

    You have 100 point-of-sale (POS) devices that run Windows 10. The devices cannot access the Internet.

    You deploy Microsoft Operations Management Suite (OMS).

    You need to use OMS to collect and analyze data from the POS devices.

    What should you do first?

    A. Deploy Windows Server Gateway to the network.
    B. Install the OMS Log Analytics Forwarder on the network.
    C. Install Microsoft Data Management Gateway on the network.
    D. Install the Simple Network Management Protocol (SNMP) feature on the devices.
    E. Add the Microsoft NDJS Capture service to the network adapter of the devices.

  • Question 42:

    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while

    others might not have a correct solution.

    After you answer a question in this sections, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    You network contains an Active Directory forest named contoso.com. All domain controllers run Windows Server 2016. Member servers run either Windows Server 2012 R2 or Windows Server 2016. Client computers run either Windows 8.1

    or Windows 10.

    You need to ensure that when users access files in shared folders on the network, the files are encrypted when they are transferred over the network.

    Solution: You disable SMB 1.0 on all the computers in the domain, and then you enable the Encrypt data access option on each file share.

    Does this meet the goal?

    A. Yes
    B. No

  • Question 43:

    Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2 that run Windows Server 2016.

    The Microsoft Advanced Threat Analytics (ATA) Center service is installed on Server1.

    The domain contains the users shown in the following table.

    You are installing ATA Gateway on Server2.

    You need to specify a Gateway Registration account. Which account should you use?

    A. User1
    B. User2
    C. User3
    D. User4
    E. User5
    F. User6
    G. User7
    H. User8

  • Question 44:

    You have a server named Server1 that runs Windows Server 2016.

    You need to identify whether IPsec tunnel authorization is configured on Server1.

    Which cmdlet should you use?

    A. Get-NetIPSecRule
    B. Get-NetFirewallRule
    C. Get-NetFirewallProfile
    D. Get-NetFirewallSetting
    E. Get-NetFirewallPortFilter
    F. Get-NetFirewallAddressFilter
    G. Get-NetFirewallSecurityFilter
    H. Get-NetFirewallApplicationFilter

  • Question 45:

    Your network contains an Active Directory domain named adatum.com.

    The network contains a server named Server1. Server1 is in a workgroup.

    You need to create a backup of the local Group Policy on Server1 that you can import into a Group Policy object (GPO) in the domain.

    Which tool should you use?

    A. lgpo.exe
    B. Local Group Policy Editor
    C. Group Policy Management
    D. Backup-GPO

  • Question 46:

    Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is

    exactly the same in each question in this series.

    Your network contains an Active Directory domain named contoso.com. The functional level of the forest and the domain is Windows Server 2008 R2.

    The domain contains the servers configured as shown in the following table.

    All servers run Windows Server 2016. All client computers run Windows 10.

    You have an organizational unit (OU) named Marketing that contains the computers in the marketing department. You have an OU named Finance that contains the computers in the finance department. You have an OU named AppServers

    that contains application servers. A Group Policy object (GPO) named GP1 is linked to the Marketing OU. A GPO named GP2 is linked to the AppServers OU.

    You install Windows Defender on Nano1.

    You plan to implement BitLocker Drive Encryption (BitLocker) on the operating system volumes of the application servers.

    You need to ensure that the BitLocker recovery keys are stored in Active Directory.

    Which Group Policy setting should you configure?

    A. System cryptography; Force strong key protection (or user keys stored on the computer
    B. Store Bittocker recovery information in Active Directory Domain Services (Windows Server 2008 and Windows Vista)
    C. System cryptography: Use FIPS compliant algorithms for encryption, hashing and signing
    D. Choose how BitLocker-protected operating system drives can be recovered

  • Question 47:

    Your network contains an Active Directory domain named contoso.com. The domain contains a file server named Server1 that runs Windows Server 2016.Server1 has a shared folder named Share1.

    You plan to create a subfolder in Share1 for each domain user.

    You need to limit each user to using 100 MB of data in their respective subfolder.

    The solution must enable the users to be notified when they use 80 percent of the available space in the subfolder.

    Which tool should you use?

    A. File Explorer
    B. Shared Folders
    C. Server Manager
    D. Disk Management
    E. Storage Explorer
    F. Computer Management
    G. System Configuration
    H. File Server Resource Manager (FSRM)

  • Question 48:

    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while

    others might not have a correct solution.

    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    You deploy Windows Server 2016 to a server named Server1.

    You need to ensure that you can run Windows Containers on Server1.

    Solution: On server1, you install the DockerMsftProvider PowerShell and the Docker package. You restart the server.

    Does this meet the goal?

    A. Yes
    B. No

  • Question 49:

    You have a server named Server1 that runs Windows Server 2016 and is configured as a DNS server. You deed to ensure that Server1 can validate records from public DNSSEC-signed DNS zones. What should you do?

    A. From DNS Manager, sign a zone.
    B. From DNS Manager select Enable DNSSEC validation for remote responses
    C. From PowerShell, run Add-DnsServerResourceRecordDnsKey.
    D. From DNS Manager, add a trust anchor.

  • Question 50:

    Note: This question is part of a series of questions that present the same scenario. Each question In the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while

    others might not have a correct solution.

    After you answer a question In this section, you will NOT be able to return to It. As a result, these questions will not appear in the review screen.

    Your network contains an Active Directory domain named contoso.com. The domain contains a computer named Computer1 that runs Windows 10. Computer1 connects to a home network and a corporate network.

    The corporate network uses the 172.16.0.0/24 address space internally.

    Computer1 runs an application named App1 that listens to port 8080.

    You need to prevent connections to App1 when Computer1 is connected to the home network.

    Solution: From Group Policy Management, You create an Applocker rule.

    A. Yes
    B. No

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Microsoft exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 70-744 exam preparations and Microsoft certification application, do not hesitate to visit our Vcedump.com to find your solutions here.