70-744 Exam Details

  • Exam Code
    :70-744
  • Exam Name
    :Securing Windows Server 2016
  • Certification
    :Microsoft Certifications
  • Vendor
    :Microsoft
  • Total Questions
    :258 Q&As
  • Last Updated
    :Feb 16, 2021

Microsoft 70-744 Online Questions & Answers

  • Question 51:

    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while

    others might not have a correct solution.

    After you answer a question in this sections, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    Your network contains an Active Directory domain named contoso.com. The domain contains multiple Hyper-V hosts.

    You need to deploy several critical line-of-business applications to the network to meet the following requirements:

    1.

    The resources of the applications must be isolated from the physical host.

    2.

    Each application must be prevented from accessing the resources of the other applications.

    3.

    The configurations of the applications must be accessible only from the operating system that hosts the application.

    Solution: You deploy a separate Windows container for each application.

    Does this meet the goal?

    A. Yes
    B. No

  • Question 52:

    Your network contains an Active Directory domain named contoso.com.

    The domain contains a server named Server1 that runs Windows Server 2016.

    You need to prevent NTLM authentication on Server1.

    Solution: From Windows PowerShell, you run the Disable-WindowsOptionalFeature cmdlet.

    Does this meet the goal?

    A. Yes
    B. No

  • Question 53:

    You have a server named Server1 that runs Windows Server 2016.

    You need to identify whether ICMP traffic is exempt from IPsec on Server1.

    Which cmdlet should you use?

    A. Get-NetIPSecRule
    B. Get-NetFirewallRule
    C. Get-NetFirewallProfile
    D. Get-NetFirewallSetting
    E. Get-NetFirewallPortFilter
    F. Get-NetFirewallAddressFilter
    G. Get-NetFirewallSecurityFilter
    H. Get-NetFirewallApplicationFilter

  • Question 54:

    HOTSPOT

    You run the Windows PowerShell commands as shown in the following exhibit.

    Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

    NOTE: Each correct selection is worth one point.

    Hot Area:

  • Question 55:

    You configure a server named Server1 to report to a Microsoft Azure Log Analytics workspace named Workspace1.

    Several events are added to the System log on Server1.

    You run queries in Workspace1, and no events are returned from Server1.

    You confirm that Server1 reports to Workspace1.

    You need to ensure that events from Server1 are sent to Workspace1.

    What should you do?

    A. From Azure Monitor, add a management solution.
    B. On Server1, configure an event subscription.
    C. In Workspace1, configure the Advanced settings.
    D. On Server1, configure the Microsoft Monitoring Agent settings.

  • Question 56:

    You have several virtual machines that run in a hosted data center on Hyper-V hosts.

    The hosting provider recently updated the service offering in its Hyper-V environment to include a new Host Guardian Service (HSG).

    You plan to use the Shielding Data File Wizard to create a data file that will include password information and an RDP file. The file will be used to create new shielded virtual machines in the fabric of the hosting provider.

    What do you require from the hosting provider to complete the wizard?

    A. an XML file that contains the names of all the Hyper-V hosts in the fabric.
    B. an XML file that contains virtual machine configuration data from the Hyper-V hosts
    C. a CER file that contains a certificate from the provider
    D. an XML file that contains guardian metadata

  • Question 57:

    HOTSPOT

    Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of thescenario is exactly the same in each question in this series.

    Start of repeated scenario.

    Your company has a marketing department.

    The network contains an Active Directory domain named constoso.com. The domain contains the servers configured as shown in the following table.

    All servers run Windows Server 2016. All client computers run Windows 10 and are domain members. All laptops are protected by using BitLocker Drive Encryption (BitLocker).

    You have an organizational unit (OU) named OU1 that contains the computer accounts of application servers. An OU named OU2 contains the computer accounts of the computers in the marketing department. A Group Policy object (GPO)

    named GP1 is linked to OU1. A GPO named GP2 is linked to OU2.

    All computers receive updates from Server1. You create an update rule named Update1.

    End of repeated scenario.

    You need to create an Encrypting File System (EFS) data recovery certificate and then add the certificate as an EFS data recovery agent on Server5. What should you use on Server5? To answer, select the appropriate options in the answer area.

    Hot Area:

  • Question 58:

    HOTSPOT

    Your network contains two Active Directory forests named contoso.com and adatum.com. Contoso.com contains a Hyper-V host named Server1. Server1 is a member of a group named HyperHosts. Adatum.com contains a server named Server2. Server1 and Server2 run Windows Server 2016.

    Contoso.com trusts adatum.com.

    You plan to deploy shielded virtual machines to Server1 and to configure Admin-trusted attestation on Server2.

    Which component should you install and which cmdlet should you run on Server2? To answer, select the appropriate options in the answer area.

    Hot Area:

  • Question 59:

    You have a server named Server1.

    You need to configure Windows Defender to perform a full scan every day at 21:00.

    What should you do?

    A. From Control Panel, configure the Security and Maintenance settings
    B. Run the Set-ScheduledJob cmdlet
    C. From the Setting app, modify the Windows Defender settings
    D. Run the Set-MpPreference cmdlet

  • Question 60:

    You configure a server named Server1 to report to a Microsoft Azure Log Analytics workspace named Workspace1.

    Several events are added to the System log on Server1.

    You run queries in Workspace1, and no events are returned from Server1.

    You confirm that Server1 reports to Workspace1.

    You need to ensure that events from Server1 are sent to Workspace1.

    What should you do?

    A. In Workspace1, configure the Advanced settings
    B. On Server1, configure the Microsoft Monitoring Agent settings
    C. On Server1, configure an event subscription
    D. From Azure Monitor, add a management solution

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Microsoft exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 70-744 exam preparations and Microsoft certification application, do not hesitate to visit our Vcedump.com to find your solutions here.