Our pass rate is high to 98.9% and the similarity percentage between our 70-688 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the Microsoft 70-688 exam in just one try? I am currently studying for the Microsoft 70-688 exam. Latest Microsoft 70-688 Test exam practice questions and answers, Try Microsoft 70-688 Brain Dumps First.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Microsoft 70-688 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 70-688 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/70-688-exam-dumps.html
Q11. DRAG DROP
You support Windows 8 desktop computers for a company named Contoso, Ltd. The computers are members of the Active Directory domain named contoso.com.
Contoso works with a supplier named Fabrikam, Inc. Each company has a public key infrastructure (PKI), and no public certificate authorities (CAs) are used. The Fabrikam network includes a website that is accessible from the Contoso network. The website requires SSL and mutual authentication.
You need to configure the computers to allow contoso.com domain users to access the website without any warning prompts. You also need to use the fewest certificates possible.
Which certificate or certificates should you use? (To answer, drag the appropriate certificate to the correct certificate store. Each certificate may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)
Answer:
Q12. Your network contains an Active Directory domain. All client computers run Windows 8 Enterprise.
Microsoft System Center 2012 Endpoint Protection is deployed to all of the computers by using the default settings contained in the Default Antimalware Policy.
The users in the research department report that a folder named C:TestApp must not be scanned by the Endpoint Protection client.
You need to configure the Endpoint Protection client not to scan the C:TestApp folder for the computers in the research department only.
What should you do first?
A. In the Endpoint Protection client, modify the Excluded files and locations setting for each research department computer.
B. Create a new antimalware policy and modify the Threat overrides settings.
C. Create a new antimalware policy and modify the Exclusion settings.
D. In the Default Antimalware Policy, modify the Exclusion settings.
Answer: C
Q13. Your network contains an Active Directory domain. The domain contains Windows 8.1 Enterprise client computers.
Users frequently use USB drives to store sensitive files that are used on multiple computers.
Your corporate security policy states that all removable storage devices, such as USB data drives, must be encrypted.
You need to ensure that if a user forgets the password for a USB disk that is encrypted by using BitLocker To Go, the user can resolve the issue themself.
What should you do?
A. Implement the BitLocker Network Unlock feature.
B. Publish a data recovery agent certificate by using a Group Policy object (GPO).
C. For each computer, create a USB startup key.
D. Instruct the user to open BitLocker Drive Encryption, select Back up recovery key, and then select Save to a file.
Answer: B
Q14. You are a systems administrator for Contoso, Ltd.
You disabled picture passwords by using a Group Policy object (GPO) named Picture Password Disable.
Management wants to use picture passwords. You disable and remove the GPO that disables picture passwords.
One user's picture password does not function properly on the user's tablet. The tablet is wirelessly connected to the network. You connect to the tablet and view the screen, which is shown in the following exhibit.
You need to ensure that the tablet is able to use picture passwords. What should you do?
A. Log off of the tablet and then log back on.
B. Run the gpupdate/force command from an elevated command prompt.
C. Run the gpupdate /target:user command from an elevated command prompt.
D. Connect the tablet to a wired connection, and then run the gpresult /F command.
Answer: B
Q15. Your company has a main office and a branch office. Each office contains several servers that run Windows Server 2012.
You need to configure BranchCache for the client computers in the branch office. The solution must ensure that all of the cached content is in a central location.
What should you run on each client computer?
A. the Enable-BCLocal cmdlet
B. the netdom command
C. the netstat command
D. the netsh command
Answer: B
Q16. HOTSPOT
Your network contains an Active Directory domain. All client computers run Windows 8
Enterprise and are located in an organizational unit (OU) named Windows8Computers.
The network has Windows Server update Services (WSUS) installed. All of the computers are configured to receive updates from WSUS.
The network administrator creates a new computer group named Win8Computers in WSUS.
You need to ensure that the Windows 8 computers receive all of the updates that are assigned to the WinSComputers computer group.
Which Group Policy setting should you configure? (To answer, select the appropriate setting in the answer area.)
Answer:
Q17. You support desktop computers and tablets that run Windows 8 Enterprise. All of the computers are able to connect to your company network from the Internet by using DirectAccess.
Your company wants to deploy a new application. The deployment solution must meet the following requirements:
The application does not utilize the company server infrastructure.
The application is isolated from other applications.
The application uses the least amount of disk space possible on a solid-state drive
(SSD) on the tablets.
The application utilizes the least amount of network bandwidth.
You need to deploy the new application to the tablets.
What should you do?
A. Deploy the application as an Application Virtualization (App-V) package. Install the App-V 4.6 client on the tablets.
B. Deploy the application as a published application on the Remote Desktop server. Create a Remote Desktop connection on the tablets.
C. Install the application on a local drive on the tablets.
D. Install the application in a Windows To Go workspace.
E. Install Hyper-V on tablets. Install the application on a virtual machine.
F. Publish the application to Windows Store.
G. Install the application within a separate Windows 8 installation in a virtual hard disk (VHD) file. Configure the tablets with dual boot.
H. Install the application within a separate Windows 8 installation in a VHDX file. Configure
tablets with dual boot.
Answer: D
Q18. You administer laptops that run Windows 8 Enterprise. The laptops are members of an Active Directory domain and are configured with IPv6 disabled.
Some users require access to the internal company database servers while traveling. You need to configure the requested network connection to the database servers.
What should you configure on the laptops?
A. A DirectAccess connection to the company network
B. A virtual private network (VPN) connection to the company network
C. A metered network connection
D. Out of band management
Answer: B
Q19. You administer computers that run Windows 8 Enterprise and are members of an Active Directory domain.
Some volumes on the computers are encrypted with BitLocker. The BitLocker recovery passwords are stored in Active Directory. A user forgets the BitLocker password to local drive E: and is unable to access the protected volume.
You need to provide a BitLocker recovery key to unlock the protected volume.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A. Ask the user to run the manage-bde -protectors -disable e: command.
B. Ask the user for a recovery key ID for the protected drive.
C. Ask the user for his or her logon name.
D. Ask the user for his or her computer name.
Answer: B,D
Q20. You administer laptop and desktop computers that run Windows 8 Pro. Your company uses Active Directory Domain Services (AD DS) and Active Directory Certificate Services (AD CS).
Your company decides that access to the company network for all users must be controlled by two-factor authentication.
You need to configure the computers to meet this requirement.
What should you do?
A. Install smart card readers on all computers. Issue smart cards to all users.
B. Enable the Password must meet complexity requirements policy setting. Instruct users to log on by using the domain username format for their username and their strong password.
C. Create an Internet Protocol security (IPsec) policy that requires the use of Kerberos to authenticate all traffic. Apply the IPsec policy to the domain.
D. Issue photo identification to all users. Instruct all users to set up and use PIN Logon.
Answer: A
