[November-2018-New]Exam 70-744 PDF and 70-744 VCE Dumps 201Q Free Offered by Braindump2go[Q124-Q134]
2018/November Braindump2go 70-744 Exam Dumps with PDF and VCE New Updated Today! Following are some new 70-744 Real Exam Questions:
1.|2018 Latest 70-744 Exam Dumps (PDF & VCE) 201Q&As Download:
https://www.braindump2go.com/70-744.html
2.|2018 Latest 70-744 Exam Questions & Answers Download:
https://drive.google.com/drive/folders/0B75b5xYLjSSNMDN6VjRLbFVKaWM?usp=sharing
QUESTION 125
Your network contains an Active Directory domain named contoso.com.
You are deploying Microsoft Advanced Threat Analytics (ATA) to the domain.
You install the ATA Gateway on a server named Server1.
To assist in detecting Pass-the-Hash attacks, you plan to configure ATA Gateway to collect events.
You need to configure the query filter for event subscriptions on Server1.
How should you configure the query filter? Choose two
A. Event log to configure: Application
B. Event log to configure: Directory Services
C. Event log to configure: Security
D. Event log to configure: System
E. Event ID to include: 1000
F. Event ID to include: 1009
G. Event ID to include: 1025
H. Event ID to include: 4776
I. Event ID to include: 4997
Answer: CH
Explanation:
https://docs.microsoft.com/en-us/advanced-threat-analytics/configure-event-collection
To enhance detection capabilities, ATA needs the following Windows events: 4776, 4732, 4733, 4728, 4729,4756, 4757.These can either be read automatically by the ATA Lightweight Gateway or in case the ATA LightweightGateway is not deployed,it can be forwarded to the ATA Gateway in one of two ways, by configuring the ATA Gateway to listen for SIEMevents or by configuring Windows Event Forwarding.
Event ID: 4776 NTLM authentication is being used against domain controllerEvent ID: 4732 A User is Added to Security-Enabled DOMAIN LOCAL Group,Event ID: 4733 A User is removed from Security-Enabled DOMAIN LOCAL GroupEvent ID: 4728 A User is Added or Removed from Security-Enabled Global GroupEvent ID: 4729 A User is Removed from Security-Enabled GLOBAL GroupEvent ID: 4756 A User is Added or Removed From Security-Enabled Universal GroupEvent ID: 4757 A User is Removed From Security- Enabled Universal Group
QUESTION 126
Your network contains an Active Directory domain named contoso.com.
The domain contains 10 computers that are in an organizational unit (OU) named OU1.
You deploy the Local Administrator Password Solution (LAPS) client to the computers.
You link a Group Policy object (GPO) named GPO1 to OU1, and you configure the LAPS password policy settings in GPO1.
You need to ensure that the administrator passwords on the computers in OU1 are managed by using LAPS.
Which two actions should you perform? Each correct answer presents part of the solution.
A. Restart the domain controller that hosts the PDC emulator role.
B. Update the Active Directory Schema.
C. Enable LDAP encryption on the domain controllers.
D. Restart the computers.
E. Modify the permissions on OU1.
Answer: BE
QUESTION 127
Your network contains an Active Directory domain named contoso.com.
You plan to deploy an application named App1.exe.
You need to verify whether Control Flow Guard is enabled for App1.exe.
Which command should you run?
A. Dumpbin.exe /dependents /locadconfig App1.exe
B. Dumpbin.exe /headers /locadconfig App1.exe
C. Dumpbin.exe /relocations /locadconfig App1.exe
D. Dumpbin.exe /symbols /locadconfig App1.exe
E. Sfc.exe /dependents /locadconfig App1.exe
F. Sfc.exe /headers /locadconfig App1.exe
G. Sfc.exe /relocations /locadconfig App1.exe
H. Sfc.exe /symbols /locadconfig App1.exe
I. Sigverif.exe /dependents /locadconfig App1.exe
J. Sigverif.exe /headers /locadconfig App1.exe
K. Sigverif.exe /relocations /locadconfig App1.exe
L. Sigverif.exe /symbols /locadconfig App1.exe
M. Verifier.exe /dependents /locadconfig App1.exe
N. Verifier.exe /headers /locadconfig App1.exe
O. Verifier.exe /relocations /locadconfig App1.exe
P. Verifier.exe /symbols /locadconfig App1.exe
Answer: B
Explanation:
ttps://msdn.microsoft.com/en-us/library/windows/desktop/mt637065(v=vs.85).aspx
Control Flow Guard (CFG) is a highly-optimized platform security feature that was created to combat memorycorruption vulnerabilities.By placing tight restrictions on where an application can execute code from, it makes it much harder for exploitsto execute arbitrary code through vulnerabilitiessuch as buffer overflows.To verify if Control Flow Guard is enable for a certain application executable:-Run the dumpbin.exe tool (included in the Visual Studio 2015 installation) from the Visual Studio commandprompt with the /headers and /loadconfig options:dumpbin.exe /headers /loadconfig test.exe.The output for a binary under CFG should show that the header values include “Guard”, and that the loadconfig values include “CF Instrumented” and “FID tablepresent”.1
QUESTION 128
Your network contains an Active Directory domain named contoso.com.
The domain contains 10 servers that run Windows Server 2016 and 800 client computers that run Windows 10.
You need to configure the domain to meet the following requirements:
– Users must be locked out from their computer if they enter an incorrect password twice.
– Users must only be able to unlock a locked account by using a one-time password that is sent to their mobile phone.
You deploy all the components of Microsoft Identity Manager (MIM) 2016.
Which three actions should you perform before you deploy the MIM add-ins and extensions? Each correct answer presents part of the solution.
A. From a Group Policy object (GPO), configure Public Key Policies
B. Deploy a Multi-Factor Authentication provider and copy the required certificates to the MIM server.
C. From the MIM Portal, configure the Password Reset AuthN Workflow.
D. Deploy a Multi-Factor Authentication provider and copy the required certificates to the client computers.
E. From a Group Policy object (GPO), configure Security Settings.
Answer: BCE
Explanation:
-Users must be locked out from their computer if they enter an incorrect password twice. (E)
-Users must only be able to unlock a locked account by using a one-time password that is sent to their mobilephone. (B and C), detailed configuration process inthe following web page.
https://docs.microsoft.com/en-us/microsoft-identity-manager/working-with-self-service-passwordreset#prepare-mim-to-work-with-multi-factor-authentication
QUESTION 129
The network contains an Active Directory domain named contoso.com.
The domain contains the servers configured as shown in the following table.
All servers run Windows Server 2016.
All client computers run Windows 10 and are domain members.
All laptops are protected by using BitLocker Drive Encryption (BitLocker).
You have an organizational unit (OU) named OU1 that contains the computer accounts of application servers.
An OU named OU2 contains the computer accounts of the computers in the marketing department.
A Group Policy object (GPO) named GP1 is linked to OU1.
A GPO named GP2 is linked to OU2.
All computers receive updates from Server1.
You create an update rule named Update1.
You need to ensure that you can encrypt the operating system drive of VM1 by using BitLocker.
Which Group Policy should you configure?
A. Configure use of hardware-based encryption for operating system drives
B. Configure TPM platform validation profile for native UEFI firmware configurations
C. Require additional authentication at startup
D. Configure TPM platform validation profile for BIOS-based firmware configurations
Answer: C
Explanation:
As there is not a choice “Enabling Virtual TPM for the virtual machine VM1”, then we have to use a fall-backmethod for enabling BitLocker in VM1.
https://www.howtogeek.com/howto/6229/how-to-use-bitlocker-on-drives-without-tpm/
QUESTION 130
The Job Title attribute for a domain user named User1 has a value of Sales Manager.
User1 runs whoami /claims and receives the following output:
Kerberos support for Dynamic Access Control on this device has been disabled.
You need to ensure that the security token of User1 has a claim for Job Title.
What should you do?
A. From Windows PowerShell, run the New-ADClaimTransformPolicy cmdlet and specify the -Name
parameter
B. From Active Directory Users and Computers, modify the properties of the User1 account.
C. From Active Directory Administrative Center, add a claim type.
D. From a Group Policy object (GPO), configure KDC support for claims, compound authentication, and Kerberos armoring.
Answer: C
Explanation:
From the output, obviously, a claim type is missing (or disabled) so that the domain controller is not issuingtickets with the “Job Title” claim type.
QUESTION 131
Your network contains an Active Directory domain named contoso.com.
You deploy a server named Server1 that runs Windows Server 2016. Server1 is in a workgroup.
You need to collect the logs from Server1 by using Log Analytics in Microsoft Operations Management Suite (OMS).
What should you do first?
A. Join Server1 to the domain.
B. Create a Data Collector Set.
C. Install Microsoft Monitoring Agent on Server1.
D. Create an event subscription.
Answer: C
Explanation:
https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-windows-agents
You need to install and connect Microsoft Monitoring Agent for all of the computers that you
You can install the OMS MMA on stand-alone computers, servers, and virtual machines.
QUESTION 132
Your network contains an Active Directory domain named contoso.com.
The domain contains two DNS servers that run Windows Server 2016.
The servers host two zones named contoso.com and admin.contoso.com.
You sign both zones.
You need to ensure that all client computers in the domain validate the zone records when they query the zone.
What should you deploy?
A. a Microsoft Security Compliance Manager (SCM) policy
B. a zone transfer policy
C. a Name Resolution Policy Table (NRPT)
D. a connection security rule
Answer: C
Explanation:
You should use Group Policy NRPT to for a DNS Client to perform DNSSEC validation of DNS zone records.
QUESTION 133
Your network contains an Active Directory domain named contoso.com.
The domain contains two global groups named Group1 and Group2.
A user named User1 is a member of Group1.
You have an organizational unit (OU) named OU1 that contains the computer accounts of computers that contain sensitive data.
A Group Policy object (GPO) named GPO1 is linked to OU1. OU1 contains a computer account named Computer1.
GPO1 has the User Rights Assignment configured as shown in the following table.
You need to prevent User1 from signing in to Computer1. What should you do?
A. From Default Domain Policy, modify the Allow log on locally user right
B. On Computer1, modify the Deny log on locally user right.
C. From Default Domain Policy, modify the Deny log on locally user right
D. Remove User1 to Group2.
Answer: D
Explanation:
https://technet.microsoft.com/en-us/library/cc957048.aspx
“Deny log on locally”Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\User Rights AssignmentDetermines which users are prevented from logging on at the computer.This policy setting supercedes the Allow Log on locally policy setting if an account is subject to bothpolicies.Therefore, adding User1 to Group2 will let User1 to inherit both policy, and then prevent User1 to sign in toComputer1.
QUESTION 134
You are creating a Nano Server image for the deployment of 10 servers.
You need to configure the servers as guarded hosts that use Trusted Platform Module (TPM) attestation.
Which three packages should you include in the Nano Server image? Each correct answer presents part of the solution.
A. Microsoft-NanoServer-SecureStartup-Package
B. Microsoft-NanoServer-ShieldedVM-Package
C. Microsoft-NanoServer-Storage-Package
D. Microsoft-NanoServer-SCVMM-Compute-Package
E. Microsoft-NanoServer-SCVMM-Package
F. Microsoft-NanoServer-Compute-Package
Answer: ABF
Explanation:
https://docs.microsoft.com/en-us/system-center/vmm/guarded-deploy-host?toc=/windows- server/virtualization/toc.json
For an SCVMM Managed Nano Server Hyper-V case:If your host is running Nano Server Hyper-V host, it should have the Compute, SCVMM-Package, SCVMMCompute, SecureStartup, and ShieldedVM
packagesinstalled.https://docs.microsoft.com/en-us/windows-server/get-started/deploy- nano-serverFor an standalone Nano Server Hyper-V host, no SCVMM related packages are required, only Compute,SecureStartup, and ShieldedVM packages are required.This table shows the roles and features that are available in this release of Nano Server, along with theWindows PowerShell options that will install the packagesfor them.Some packages are installed directly with their own Windows PowerShell switches (such as -Compute); othersyou install by passing package names to the Package parameter, which you can combine in a comma-separated list.
You can dynamically list availablepackages using the Get-NanoServerPackage cmdlet.
QUESTION 135
You plan to enable Credential Guard on four servers.
Credential Guard secrets will be bound to the TPM.
The servers run Windows Server 2016 and are configured as shown in the following table.
Which of the above server you could enable Credential Guard?
A. Server1
B. Server2
C. Server3
D. Server4
Answer: D
Explanation:
https://docs.microsoft.com/en-us/windows/access-protection/credential-guard/credential-guard-requirementsHardware and software requirements
To provide basic protections against OS level attempts to read Credential Manager domain credentials, NTLMand Kerberos derived credentials, WindowsDefender Credential Guard uses:- Support for Virtualization-based security (required)-Secure boot (required)-TPM 2.0 either discrete or firmware (preferred ?provides binding to hardware)-UEFI lock (preferred ?prevents attacker from disabling with a simple registry key change)
!!!RECOMMEND!!!
1.|2018 Latest 70-744 Exam Dumps (PDF & VCE) 201Q&As Download:
https://www.braindump2go.com/70-744.html
2.|2018 Latest 70-744 Study Guide Video: