We provide real microsoft 70 680 exam questions and answers braindumps in two formats. Download PDF & Practice Tests. Pass Microsoft microsoft 70 680 Exam quickly & easily. The 70 680 exam PDF type is available for reading and printing. You can print more and practice many times. With the help of our Microsoft 70 680 pdf dumps pdf and vce product and material, you can easily pass the microsoft 70 680 exam.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Microsoft 70-680 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 70-680 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/70-680-exam-dumps.html
Q141. - (Topic 1)
You have a standalone computer that runs Windows 7. Multiple users share the computer.
You need to ensure that you can read the content of all encrypted files on the computer.
What should you do?
A. Run the Certificates Enrollment wizard and then run Certutil.exe -importpfx.
B. Run the Certificates Enrollment wizard and then run Certutil.exe -installcert.
C. Run Cipher.exe /r and then add a data recovery agent from the local security policy.
D. Run Cipher.exe /rekey and then import a security template from the local security policy.
Answer: C
Explanation:
Cipher Displays or alters the encryption of folders and files on NTFS volumes. Used without parameters, cipher displays the encryption state of the current folder and any files it contains. Administrators can use Cipher.exe to encrypt and decrypt data on drives that use the NTFS file system and to view the encryption status of files and folders from a command prompt. The updated version adds another security option. This new option is the ability to overwrite data that you have deleted so that it cannot be recovered and accessed.When you delete files or folders, the data is not initially removed from the hard disk. Instead, the space on the disk that was occupied by the deleted data is "deallocated." After it is deallocated, the space is available for use when new data is written to the disk. Until the space is overwritten, it is possible to recover the deleted data by using a low-level disk editor or data-recovery software.
If you create files in plain text and then encrypt them, Encrypting File System (EFS) makes a backup copy of the file so that, if an error occurs during the encryption process, the data is not lost. After the encryption is complete, the backup copy is deleted. As with other deleted files, the data is not completely removed until it has been overwritten. The new version of the Cipher utility is designed to prevent unauthorized recovery of such data.
/K Creates a new certificate and key for use with EFS. If this option is chosen, all the other options will be ignored. By default, /k creates a certificate and key that conform to current group plicy. If ECC is specified, a self-signed certificate will be created with the supplied key size. /R Generates an EFS recovery key and certificate, then writes them to a .PFX file (containing certificate and private key) and a .CER file (containing only the certificate). An administrator may add the contents of the .CER to the EFS recovery policy to create the recovery for users, and import the .PFX to recover individual files. If SMARTCARD is specified, then writes the recovery key and certificate to a smart card. A .CER file is generated (containing only the certificate). No .PFX file is genereated. By default, /R creates an 2048-bit RSA recovery key and certificate. If EECC is specified, it must be followed by a key size of 356, 384, or 521.
Q142. - (Topic 1)
You have a computer that runs Windows 7.
Multiple users log on to the computer.
You need to deny one user access to removable devices on the computer. All other users must have access to the removable drives.
What should you do?
A. From the local Group Policy, modify an application control policy.
B. From Control Panel, modify the BitLocker Drive Encryption settings.
C. From Device Manager, modify the settings of all removable devices.
D. From the local Group Policy, modify a removable storage access policy.
Answer: D
Q143. - (Topic 6)
You administer client computers that have Windows 7 Professional SP1 64-bit installed. All desktops are members of a single Active Directory domain.
You plan to install a driver manufactured by an unknown provider.
You need to prepare the client computers for the driver installation.
What should you do?
A. Disable the Code signing for device drivers Domain Group Policy setting.
B. Add each user to the Domain Administrators group.
C. Run the SigVerif.exe command.
D. Enable the Code signing for device drivers Domain Group Policy setting.
Answer: A
Q144. - (Topic 6)
You use a computer that has Windows 7 SP1 installed and has a folder named C:\Data.
The active network connection for the computer is configured as Public.
You assign User1 to a local group called DataUsers. The group has been granted Read NTFS permissions for the folder.
User1 browses to the shared folder across the network and receives the following error message:
"Access is Denied."
You need to ensure that the user can download files from the shared folder.
What should you do?
A. Allow file and printer sharing through Windows Firewall.
B. Change the network location of the computer from a Public network to a Home or Work network.
C. From the Security settings of the C:\Data folder, assign the Full Control NTFS permissions to User1.
D. From the Advanced Sharing settings of the folder, assign the Read share permission to User1.
E. From the Advanced Sharing permissions, enable caching.
Answer: D
Q145. - (Topic 6)
You are a network administrator for a global company that has Windows Server 2008 R2 servers and Windows 7 Enterprise computers.
Management wants to decrease VPN costs by implementing DirectAccess for remote network access.
They assign you to evaluate the current network infrastructure, which includes the following elements:
Active Directory
IPv6 network and applications
Server for DirectAccess service
You need to ensure that all critical infrastructure components are present.
What should you add to the infrastructure?
A. Windows Internet Name Service (WINS) server
B. Public key infrastructure
C. NAT-PT devices
D. Windows Server 2012
Answer: B
Explanation: DirectAccess With Windows Server 2008 R2 requires:
* Public key infrastructure (PKI) to issue computer certificates.
* One or more DirectAccess servers running Windows Server 2008 R2 with two network adapters: one that is connected directly to the Internet, and a second that is connected to the intranet.
* On the DirectAccess server, at least two consecutive, public IPv4 addresses assigned to the network adapter that is connected to the Internet.
* DirectAccess clients running Windows 7 or Windows 8 "Enterprise" edition clients
* At least one domain controller and Domain Name System (DNS) server running Windows Server 2008 SP2 or Windows Server 2008 R2.
Note: DirectAccess, also known as Unified Remote Access, is a VPN-like technology that provides intranet connectivity to client computers when they are connected to the Internet. Unlike many traditional VPN connections, which must be initiated and terminated by explicit user action, DirectAccess connections are designed to connect automatically as soon as the computer connects to the Internet. DirectAccess was introduced in Windows Server 2008 R2, providing this service to Windows 7 and Windows 8 "Enterprise" edition clients.
Q146. - (Topic 6)
A user in your company wants to upgrade a Windows Vista Business computer to Windows
7.
You need to upgrade the computer to the minimum Windows 7 edition that meets the following requirements:
BitLockerTo Go
DirectAccess
Which Windows 7 edition should you choose?
A. Windows 7 Home Premium
B. Windows 7 Professional
C. Windows 7 Home Basic
D. Windows 7 Ultimate
Answer: D
Q147. - (Topic 3)
You have a Windows image (WIM) file that contains an image of Windows 7. The WIM file is 2 GB.
You need to ensure that you can copy the image to CD.
What should you do?
A. Run Imagex.exe and specify the /split parameter.
B. From the properties of the WIM file, enable compression.
C. Run Dism.exe and specify the /cleanup-wim parameter.
D. Right-click the WIM file, point to Send To and then click Compressed (zipped) Folder.
Answer: A
Explanation:
Imagex ImageX is a command-line tool that enables original equipment manufacturers (OEMs) and corporations to capture, to modify, and to apply file-based disk images for rapid deployment. ImageX works with Windows image (.wim) files for copying to a network, or it can work with other technologies that use .wim images, such as Windows Setup, Windows Deployment Services (Windows DS), and the System Management Server (SMS) Operating System Feature Deployment Pack.
/split image_filedest_filesize
Splits an existing .wim file into multiple read-only split .wim files (.swm).
image_file
Specifies the name and location of the .wim file to split.
dest_file
Specifies the file path of the split files.
SizeSpecifies the maximum size in megabytes (MB) for each created file. This option generates the .swm files into the specified directory, naming each file the same as the specified image_file, but with an appended number and the .swm file-name extension. For example, if you choose to split a file named Data.wim, this option creates a Data.swm file, a Data2.swm file, a Data3.swm file, and so on, defining each portion of the split .wim file.
Q148. - (Topic 2)
Your company's chief accountant consults you with a question about a financial spreadsheet. She needs to recover the version of this particular spreadsheet that existed six months ago because it is needed for a financial audit. Using Restore Previous Versions, you find that the oldest version stored is dated three months ago. How can you recover the required file?
A. Edit the System Protection properties for the volume that hosts the file. Use the Max Usage slider to increase the maximum proportion of the hard disk capacity used for system protection to 70 percent.
B. Perform a system restore. Select a system restore point that was created six months ago.
C. Edit the System Protection properties for the volume that hosts the file. Select the Only Restore Previous Versions Of Files setting.
D. Use the Backup And Restore console to recover the file from a backup set generated six months ago.
Answer: D
Q149. - (Topic 3)
Your network contains computers that run either Windows Vista (x86) or Windows 7 (x86). All computers are joined to a domain.
You install a computer named Computer1 that runs Windows 7 (64-bit). You share a printer named Printer1 on Computer1.
You need to ensure that any user can automatically download and install the drivers for Printer1.
What should you do from Printer Properties?
A. Install a new driver.
B. Enable bidirectional support.
C. Modify the Additional Drivers settings.
D. Assign the Manage this printer permission to the Domain Users group.
Answer: C
Explanation:
If you are going to be sharing a printer with computers running previous versions of Microsoft Windows, you can add the drivers for the printer using Additional Drivers. When you add additional drivers, other computers on the network that do not have the printer drivers installed are able to download them from the computer that is sharing the printer.
Q150. - (Topic 3)
You need to prevent a custom application from connecting to the Internet.
What should you do?
A. From Windows Firewall, add a program.
B. From Windows Defender, modify the Allowed items list.
C. From Windows Firewall with Advanced Security, create an inbound rule.
D. From Windows Firewall with Advanced Security, create an outbound rule.
Answer: D
Explanation:
Outbound Rule Outbound rules allow you to block and allow traffic that originates on the computer from traveling out to the network.Creating WFAS Rules The process for configuring inbound rules and outbound rules is essentially the same: In the WFAS console, select the node that represents the type of rule that you want to create and then click New Rule. This opens the New Inbound (or Outbound) Rule Wizard. The first page, allows you to specify the type of rule that you are going to create. You can select between a program, port, predefined, or custom rule. The program and predefined rules are similar to what you can create using Windows Firewall. A custom rule allows you to configure a rule based on criteria not covered by any of the other options. You would create a custom rule if you wanted a rule that applied to a particular service rather than a program or port. You can also use a custom rule if you want to create a rule that involves both a specific program and a set of ports. For example, if you wanted to allow communication to a specific program on a certain port but not other ports, you would create a custom rule.QUESTION NO: 290 You have a computer that runs Windows 7. The network contains a monitoring server named Server1. The computer runs a monitoring service named Service1. Service1 uses Remote Procedure Calls (RPCs). You need to ensure that Service1 can receive requests from Server1.
What should you do?
A. From Windows Firewall with Advanced Security, create a predefined rule.
B. From Windows Firewall with Advanced Security, create a custom rule.
C. From Network and Sharing Center, modify the network location settings.
D. From Network and Sharing Center, modify the advanced sharing settings.
Answer: B
Creating WFAS Rules The process for configuring inbound rules and outbound rules is essentially the same: In the WFAS console, select the node that represents the type of rule that you want to create and then click New Rule. This opens the New Inbound (or Outbound) Rule Wizard. The first page, allows you to specify the type of rule that you are going to create. You can select between a program, port, predefined, or custom rule. The program and predefined rules are similar to what you can create using Windows Firewall. A custom rule allows you to configure a rule based on criteria not covered by any of the other options. You would create a custom rule if you wanted a rule that applied to a particular service rather than a program or port. You can also use a custom rule if you want to create a rule that involves both a specific program and a set of ports. For example, if you wanted to allow communication to a specific program on a certain port but not other ports, you would create a custom rule.
