Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is
exactly the same in each question in this series.
Start of repeated scenario.
Your company has a marketing department.
The network contains an Active Directory domain named constoso.com. The domain contains the servers configured as shown in the following table.

All servers run Windows Server 2016. All client computers run Windows 10 and are domain members. All laptops are protected by using BitLocker Drive Encryption (BitLocker).
You have an organizational unit (OU) named OU1 that contains the computer accounts of application servers. An OU named OU2 contains the computer accounts of the computers in the marketing department. A Group Policy object (GPO)
named GP1 is linked to OU1. A GPO named GP2 is linked to OU2.
All computers receive updates from Server1. You create an update rule named Update1.
End of repeated scenario.
You need to ensure that you can view Windows PowerShell code that was generated dynamically and executed on the computers in OU1.
What should you configure in GP1?
A. Object Access\\Audit Application Generated from the advanced audit policyYour network contains an Active Directory domain named contoso.com.
You download Microsoft Security Compliance Toolkit 1.0 and all the security baselines.
You need to deploy one of the security baselines to all the computers in an organizational unit (OU) named OU1.
What should you do?
A. Run 1gpo.exe and specify the /g parameter. From Policy Analyzer, click Add.HOTSPOT
You have 100 computers that run Windows 10 and are members of a workgroup.
You need to configure Windows Defender to meet the following requirements:
1. Exclude a C:\Sales|Salesdb from malware scans.
2. Configure a full scan to occur daily.
What should you run to meet each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

HOTSPOT
You are implementing Privileged Access Management (PAM) for an Active Directory forest named contoso.com.
You install a bastion forest named adatum.com, and you establish a trust between the forests.
You need to create a group in contoso.com that will be used by Microsoft Identity Manager to create groups in adatum.com.
How should you configure the group? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2016.
You deploy the Advanced Threat Analytics (ATA) Gateway to Server1.
You plan to collect events from the domain controllers by using a source-initiated configuration.
You need to configure security to allow Server1 to collect the events.
What should you do?
A. Add the Contoso\Domain Controllers account to the Contoso\Event Log Readers group.Your network contains an Active Directory forest named contoso.com. The forest functional level is Windows Server 2012. The forest contains a single domain. The domain contains multiple Hyper-V hosts.
You plan to deploy guarded hosts.
You deploy a new server named Server22 to a workgroup.
You need to configure Server22 as a Host Guardian Service server.
What should you do before you initialize the Host Guardian Service on Server22?
A. Install the Active Directory Domain Services server role on Server22.Your network contains an Active Directory domain named contoso.com. The domain contains multiple servers
that run multiple applications.
Domain user accounts are used to authenticate access requests to the servers.
You plan to prevent NTLM from being used to authenticate to the servers.
You start to audit NTLM authentication events for the domain.
You need to view all of the NTLM authentication events and to identify which applications authenticate by using NTLM.
On which computers should you review the event logs and which logs should you review?
A. Computers on which to review the event logs: Only client computersYour network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2016.
You deploy Advanced Threat Analytics (ATA) to Server 1.
you need to move the ATA database to a different folder.
A. Config.jsonYou plan to implement a guarded fabric in TPM-trusted attestation mode. The fabric will contain a three-node Host Guardian Service (HGS) cluster and four guarded hosts.
All the hosts will have matching hardware and will run the same workload.
You need to add the hosts to the HGS cluster.
What is the minimum number of times you must run each cmdlet to implement the HGS cluster? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Your network contains an Active Directory domain named contoso.com. The domain contains several shielded virtual machines.
You deploy a new server named Server1 that runs Windows Server 2016. You install the Hyper-V server role on Server1.
You need to ensure that you can host shielded virtual machines on Server1.
What should you install on Server1?
A. Host Guardian Hyper-V SupportNowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Microsoft exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 70-744 exam preparations and Microsoft certification application, do not hesitate to visit our Vcedump.com to find your solutions here.