Simulado 91-120

You have a computer named Computer1 that runs Windows 10. On Computer1, you turn on File History. You need to protect a folder named D:\Folder1 by using File History. What should you do?. From File Explorer, add D:\Folder1 to the Documents library. From the Settings app, configure the Recovery settings. From Backup and Restore (Windows 7), modify the backup settings. From File History in Control Panel, configure the Advanced settings.

You have a computer named Computer 1 that runs Windows 10. You turn on System Protection and create a restore point named Point1. You perform the following changes: Add four files named File1.txt, File2.dll, File3.sys, and File4.exe to the desktop. Run a configuration script that adds the following four registry keys: You restore Point1. Which files and registry keys are removed? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. File2.d11 only. File2.d11 and File3.sys only. File2.d11, File3.sys, and File4.exe. Filel.txt, File2.d11, File3.sys, and File4.exe. *******************. Key1 only. Key1 and Key2 only. Key2, Key3, and Key4 only. Key1, Key2, Key3, and Key4.

You have 10 computers that run Windows 10. You have a Windows Server Update Services (WSUS) server. You need to configure the computers to install updates from WSUS. Which two settings should you configure? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. Clique nas opções:

You have a Microsoft 365 Enterprise E3 license. You have a computer named Computer1 that runs Windows 10. You need to ensure that you can access the files on Computer1 by using a web browser on another computer. What should you configure?. Sync your settings in the Settings app. the File Explorer desktop app. the Microsoft OneDrive desktop app. Default apps in the Settings app.

You have computers that run Windows 10 and are configured as shown in the following table. ---------------------------------------------------------------------------------------------------------------------------------------------------------------- Name .| TPM.| BitLocker Drive Encryption enabled on drive C .| BitLocker Drive Encryption enabled on drive D ---------------------------------------------------------------------------------------------------------------------------------------------------------------- Computer1 .| No .| Yes .| Yes ---------------------------------------------------------------------------------------------------------------------------------------------------------------- Computer2 .| Yes .| No .| Yes ---------------------------------------------------------------------------------------------------------------------------------------------------------------- Computer3 .| Yes .| Yes .| No ---------------------------------------------------------------------------------------------------------------------------------------------------------------- You have a removable USB drive named USBDrive1 that is encrypted by using BitLocker to Go. You plan to use USBDrive1 on Computer1, Computer2, and Computer3. You need to identify on which computers you can enable automatic unlocking of BitLocker on USBDrive1. Which computers should you identify?. Computer2 and Computer3 only. Computer3 only. Computer1 and Computer3 only. Computer1, Computer2, and Computer3.

You have a computer named Computer1 that runs Windows 10 and has the users shown in the following table. --------------------------------------- Name .| Member of --------------------------------------- User1 .| Users. Group1 --------------------------------------- User2 .| Administrators --------------------------------------- Computer1 contains the folders shown in the following table. ----------------------------------------------------------------------------------------------- Name .| Path .|Permission .| Share permission ----------------------------------------------------------------------------------------------- Folder1.| D:\Folder1.|Administrators: Full control Group1 : Read .| Groupl : Full control ----------------------------------------------------------------------------------------------- Folder2.| E:\Folder2.|Administrators: Full control .|None ----------------------------------------------------------------------------------------------- You move Folder1 into Folder2. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point. User1 can connect to Folder1 by using a path of \\Computer1\Folder1 UNC. User1 can read the content in E:\Folder2\Folder1 when the user signs in to Computer1. User2 can connect to Folder1 by using a path of \\Computer1\E$\Folder2\Folder1 UNC.

Your network contains the segments shown in the following table. You have computers that run Windows 10 and are configured as shown in the following table. -------------------------------------------------------------------------------------------------------------------------- Name | Shared folder | Share permission .| Active Directory joined | Connected to -------------------------------------------------------------------------------------------------------------------------- Computer1 | Share1 .| Everyone: Full control .| Yes .| Segment1 -------------------------------------------------------------------------------------------------------------------------- Computer2 | Sharel .| Everyone: Full control .| Yes .| Segment2 -------------------------------------------------------------------------------------------------------------------------- Computer3 | Share3 .| Everyone: Full control .| No .| Segment1 -------------------------------------------------------------------------------------------------------------------------- Windows Defender Firewall has the File and Printer Sharing allowed apps rule shown in the following table. ----------------------------------------------------------------------------- Computer .| Domain .| Private .| Public ----------------------------------------------------------------------------- Computer1 .| Allowed .| Not allowed .| Not allowed ----------------------------------------------------------------------------- Computer2 .| Allowed .| Allowed .| Not allowed ----------------------------------------------------------------------------- Computer3 .| Not applicable .| Allowed .| Allowed ----------------------------------------------------------------------------- For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point. Statements Yes No You can access Share1 from Computer3. You can access Share2 from Computer3. You can access Share3 from Computer1.

You have a workgroup computer named Computer1 that runs Windows 10. From File Explorer, you open OneDrive as shown in the following exhibit. *************** **IMAGEM** *************** Use the drop-down menus to select the answer choice that answers each question based on the information presented on the graphic. NOTE: Each correct selection is worth one point. File2.txt only. File1.txt and File2.txt only. File2.txt and File3.txt only. File1.txt, File2.txt, and File3.txt. *******************. File1.txt only. File1.txt and File2.txt only. File1.txt and File3.txt only. File1.txt, File2.txt, and File3.txt.

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a workgroup computer that runs Windows 10. The computer contains the local user accounts shown in the following table. *************** **IMAGEM** *************** You need to configure the desktop background for User1 and User2 only. Solution: You create two new local Group Policy Objects (GPOs) and apply one GPO to User1 and the other GPO to User2. You configure the Desktop Wallpaper setting in each GPO. Does this meet the goal?. Yes. No.

Your network contains an Active Directory domain. The domain contains 1,000 computers that run Windows 10. You discover that when users are on their lock screen, they see a different background image every day, along with tips for using different features in Windows 10. You need to disable the tips and the daily background image for all the Windows 10 computers. Which Group Policy settings should you modify?. Turn off the Windows Welcome Experience. Turn off Windows Spotlight on Settings. Do not suggest third-party content in Windows spotlight. Turn off all Windows spotlight features.

You have a computer named Computer1 that runs Windows 10. Computer1 contains a folder named Data on drive C. The Advanced Security Settings for the Data folder are shown in the exhibit. (Click the Exhibit tab.) *************** **IMAGEM** *************** You share C:\Data as shown in the following table. -------------------------------------------------- Group or user .| Share permission -------------------------------------------------- Administrators .| Change -------------------------------------------------- Users .| Read -------------------------------------------------- User 1 .| Change -------------------------------------------------- User1 is a member of the Users group. Administrators are assigned Full control NTFS permissions to C:\Data. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point. User1 can read and write files when connected to \\Computer1\Data. User1 can read and write files in C:\Data locally. Administrators can change the NTFS permissions of files and folders when connected to \\Computer1\Data.

You have a file named Reg1.reg that contains the following content. ***************************************** Windows Registry Editor Version 5.00 [HREY _ CLASSES _ROOT\Directory\Background\shell\Notepad] [HREY _ CLASSES _ROOT\Directory\Background\shell\Notepad\command] @="notepad.exe" ***************************************** What is the effect of importing the file?. A key named command will be renamed as notepad.exe. In a key named Notepad, the command value will be set to @="notepad.exe". In a key named command, the default value will be set to notepad.exe.

You have a computer named Computer1 that runs Windows 10. On Computer1, you create the local users shown in the following table. ------------------------------------------------------ Name .| Member of ------------------------------------------------------ User1 .| Users ------------------------------------------------------ User2 .| Users, Guests ------------------------------------------------------ User3 .| Power Users, Guest ------------------------------------------------------ User4 .| Guests, Users, Administrators ------------------------------------------------------ User5 .| Users, Distributed COM Users ------------------------------------------------------ Which three user profiles will persist after each user signs out? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point. ------------------------------------------------------. User1. User2. User3. User4. User5.

You have a computer that runs Windows 10. The computer is in a workgroup. The computer is used to provide visitors with access to the Internet. You need to configure the computer to meet the following requirements: Always sign in automatically as User1. Start an application named App1.exe at sign-in. What should you use to meet each requirement? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. Group Policy preferences. BCDEdit. Registry Editor. MSConfig.

You have four computers that run Windows 10. The computers are configured as shown in the following table. --------------------------------------------------------------------------------- Name .| Member of --------------------------------------------------------------------------------- Computer1 .| Workgroup named WG1 --------------------------------------------------------------------------------- Computer2 .| Workgroup named WG1 --------------------------------------------------------------------------------- Computer3 .| Workgroup named WG2 --------------------------------------------------------------------------------- Computer4 .| Active Directory domain named contoso.com --------------------------------------------------------------------------------- On Computer1, you create a user named User1. In the domain, you create a user named User2. You create the groups shown in the following table. ----------------------------------- Name .| Created on/in ----------------------------------- Group3 .| Cornputer3 ----------------------------------- Group4 .| Cornputer4 ----------------------------------- Group5 .| Contoso.com ----------------------------------- You need to identify to which computers User1 can sign in, and to which groups you can add User2. What should you identify? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. Computer1 only. Computer1 and Computer2 only. Computer1, Computer2, and Computer3 only. Computer1, Computer2, and Computer4 only. Computer1, Computer2, Computer3, and Computer4. *****************. Group5 only. Group4 and Group5 only. Group3, Group4, and Group5.

User1 is a member of the Administrators group on a computer that runs Windows 10. When User1 attempts to view the security settings of a folder named C:\SecretData, the user receives the message in the Security exhibit *************** **IMAGEM** *************** On the computer, you sign in as a member of the Administrators group and view the permissions to C:\SecretData as shown in the Permissions exhibit. *************** **IMAGEM** *************** You need to restore Use1's access to C:\SecretData. What should you do first?. From the Permissions tab of Advanced Security Settings for SecretData, select Change to take ownership of the folder. From the Permissions tab of Advanced Security Settings for SecretData, select Continue to attempt the operation by using administrative privileges. Assign User1 Full control permissions to the C folder and set the inheritance to This folder, subfolders and files. From an elevated command prompt, run cacls.exe c:\secretdata /g user1:F.

Your network contains an Active Directory domain. The domain contains the users shown in the following table. ------------------------------------------------------------------- Name .| Member of domain group ------------------------------------------------------------------- User1 .| Authenticated Users ------------------------------------------------------------------- User2 .| Device Managers Authenticated Users ------------------------------------------------------------------- User3 .| Help Desk Authenticated Users ------------------------------------------------------------------- The Authenticated Users group has the Add workstations to domain user right in the Default Domain Controllers Policy. The Device Managers and Help Desk groups are granted the Create Computer objects permission for the Computers container of the domain. You have 15 workgroup computers that run Windows 10. Each computer contains a local user account named LocalAdmin1 that is a member of the following groups: Administrators Device Owners Authenticated Users For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point. User1 can join all the computers to the domain. User2 can join a maximum of 10 computers to the domain. User3 can join all the computers to the domain.

You have a computer named Computer1 that runs Windows 10. Computer1 is in a workgroup. Computer1 contains the local users shown in the following table. ----------------------------------------------------------- Name .| Member of ----------------------------------------------------------- Administrator .| Administrators, Users ----------------------------------------------------------- User1 .| Backup Operators, Users ----------------------------------------------------------- User2 .| Device Owners, Users ----------------------------------------------------------- User3 .| Users ----------------------------------------------------------- The Users group has Modify permissions to a folder named D:\Folder1. User3 creates a file named File1.docx in Folder1. Which users can take ownership of File1.docx?. Administrator and User1 only. Administrator only. Administrator, User1, and User2. Administrator and User2 only.

You have two workgroup computers named Computer1 and Computer2 that run Windows 10. The Guest account is enabled on both computers. The computers contain the users shown in the following table. ---------------------------------------------------------------- Computer name .| User name .| User password ---------------------------------------------------------------- Computer1 .| User1 .| P@ssword1 ---------------------------------------------------------------- Computer1 .| User2 .| P@ssword2 ---------------------------------------------------------------- Computer2 .| Userl .| P@ssword1 ---------------------------------------------------------------- Computer2 .| User2 .| P@ssword2 ---------------------------------------------------------------- Computer2 .| User3 .| P@ssword3 ---------------------------------------------------------------- The computers contain the shared folders shown in the following table. ------------------------------------------------------------------------------ Computer name .| Shared folder name .| Permission ------------------------------------------------------------------------------ Computer1 .| Share1 .| Everyone - Read ------------------------------------------------------------------------------- Computer2 .| Share2 .| Everyone - Read ------------------------------------------------------------------------------- Computer1 has password-protected sharing turned on. Computer2 has password-protected sharing turned off. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point. From Computer1, Used can access Share2. From Computer2, User2 can access Share1. From Computer2, User3 can access Share1.

You need to enable BitLocker Drive Encryption (BitLocker) on a computer named Computer1 that runs Windows 10. Computer1 has the following configurations: Contains only one 200-GB NTFS volume named C:\ Contains 50 GB of unallocated disk space Is the member of a workgroup Has TPM enabled What should you do first?. Create a VHD. Disable TPM. Create an additional volume. Join Computer1 to an Azure Active Directory (Azure AD) tenant.

You have a workgroup computer that runs Windows 10. You need to set the minimum password length to 12 characters. What should you use?. User Accounts in Control Panel. Local Security Policy. Credential Manager in Control Panel. Email & accounts in the Settings app.

You have 20 computers that run Windows 10. The computers are in a workgroup. You need to create a local user named User1 on all the computers. User1 must be a member of the Remote Management Users group. What should you do?. From Windows Configuration Designer, create a provisioning package, and then run the provisioning package on each computer. Create a script that runs the New-ADUser cmdlet and the Set-AdGroup cmdlet. Create a Group Policy object (GPO) that contains the Local User Group Policy preference. Create a script that runs the New-MsolUser cmdlet and the Add-ADComputerServiceAccount cmdlet.

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a computer that runs Windows 10. The computer contains a folder named D:\Scripts. D:\Scripts contains several PowerShell scripts. You need to ensure that you can run the PowerShell scripts without specifying the full path to the scripts. The solution must persist between PowerShell sessions. Solution: From System Properties, you add D:\Scripts to the PATH environment variable. Does this meet the goal?. Yes. No.

You have several computers that run Windows 10. The computers are in a workgroup and have BitLocker Drive Encryption (BitLocker) enabled. You join the computers to Microsoft Azure Active Directory (Azure AD). You need to ensure that you can recover the BitLocker recovery key for the computers from Azure AD. What should you do first?. Disable BitLocker. Add a BitLocker key protector. Suspend BitLocker. Disable the TMP chip.

Case Study This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided. To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study. At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section. To start the case study To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the Question button to return to the question. Overview Existing Environment Fabrikam, Inc. is a distribution company that has 500 employees and 100 contractors. Active Directory The network contains an Active Directory forest named fabrikam.com. The forest is synced to Microsoft Azure Active Directory (Azure AD). All the employees are assigned Microsoft 365 E3 licenses. The domain contains a user account for an employee named User10. Client Computers All the employees have computers that run Windows 10 Enterprise. All the computers are installed without Volume License Keys. Windows 10 license keys are never issued. All the employees register their computer to Azure AD when they first receive the computer. User10 has a computer named Computer10. All the contractors have their own computer that runs Windows 10. None of the computers are joined to Azure AD. Operational Procedures Fabrikam has the following operational procedures: Updates are deployed by using Windows Update for Business. When new contractors are hired, administrators must help the contactors configure the following settings on their computer: Security Policies The following security policies are enforced on all the client computers in the domain: All the computers are encrypted by using BitLocker Drive Encryption (BitLocker). BitLocker recovery information is stored in Active Directory and Azure AD. The local Administrators group on each computer contains an enabled account named LocalAdmin. The LocalAdmin account is managed by using Local Administrator Password Solution (LAPS). Problem Statements Fabrikam identifies the following issues: Employees in the finance department use an application named Application1. Application1 frequently crashes due to a memory error. When Application1 crashes, an event is written to the application log and an administrator runs a script to delete the temporary files and restart the application. When employees attempt to connect to the network from their home computer, they often cannot establish a VPN connection because of misconfigured VPN settings. An employee has a computer named Computer11. Computer11 has a hardware failure that prevents the computer from connecting to the network. User10 reports that Computer10 is not activated. Technical Requirements Fabrikam identifies the following technical requirements for managing the client computers: Provide employees with a configuration file to configure their VPN connection. Use the minimum amount of administrative effort to implement the technical requirements. Identify which employees’ computers are noncompliant with the Windows Update baseline of the company. Ensure that the service desk uses Quick Assist to take remote control of an employee’s desktop during support calls. Automate the configuration of the contractors’ computers. The solution must provide a configuration file that the contractors can open from a Microsoft SharePoint site to apply the required configurations. You need to recommend a solution to configure the employee VPN connections. What should you include in the recommendation?. Remote Access Management Console. Group Policy Management Console (GPMC). Connection Manager Administration Kit (CMAK). Microsoft Intune.

Case Study This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided. To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study. At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section. To start the case study To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the Question button to return to the question. Overview Existing Environment Fabrikam, Inc. is a distribution company that has 500 employees and 100 contractors. Active Directory The network contains an Active Directory forest named fabrikam.com. The forest is synced to Microsoft Azure Active Directory (Azure AD). All the employees are assigned Microsoft 365 E3 licenses. The domain contains a user account for an employee named User10. Client Computers All the employees have computers that run Windows 10 Enterprise. All the computers are installed without Volume License Keys. Windows 10 license keys are never issued. All the employees register their computer to Azure AD when they first receive the computer. User10 has a computer named Computer10. All the contractors have their own computer that runs Windows 10. None of the computers are joined to Azure AD. Operational Procedures Fabrikam has the following operational procedures: Updates are deployed by using Windows Update for Business. When new contractors are hired, administrators must help the contactors configure the following settings on their computer: Security Policies The following security policies are enforced on all the client computers in the domain: All the computers are encrypted by using BitLocker Drive Encryption (BitLocker). BitLocker recovery information is stored in Active Directory and Azure AD. The local Administrators group on each computer contains an enabled account named LocalAdmin. The LocalAdmin account is managed by using Local Administrator Password Solution (LAPS). Problem Statements Fabrikam identifies the following issues: Employees in the finance department use an application named Application1. Application1 frequently crashes due to a memory error. When Application1 crashes, an event is written to the application log and an administrator runs a script to delete the temporary files and restart the application. When employees attempt to connect to the network from their home computer, they often cannot establish a VPN connection because of misconfigured VPN settings. An employee has a computer named Computer11. Computer11 has a hardware failure that prevents the computer from connecting to the network. User10 reports that Computer10 is not activated. Technical Requirements Fabrikam identifies the following technical requirements for managing the client computers: Provide employees with a configuration file to configure their VPN connection. Use the minimum amount of administrative effort to implement the technical requirements. Identify which employees’ computers are noncompliant with the Windows Update baseline of the company. Ensure that the service desk uses Quick Assist to take remote control of an employee’s desktop during support calls. Automate the configuration of the contractors’ computers. The solution must provide a configuration file that the contractors can open from a Microsoft SharePoint site to apply the required configurations. You need to take remote control of an employee’s computer to troubleshoot an issue. What should you send to the employee to initiate a remote session?. a numeric security code. a connection file. an Easy Connect request. a password.

Case Study This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided. To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study. At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section. To start the case study To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the Question button to return to the question. Overview Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch offices in Seattle and New York. Contoso has IT, human resources (HR), and finance departments. Contoso recently opened a new branch office in San Diego. All the users in the San Diego office work from home. Existing environment Contoso uses Microsoft 365. The on-premises network contains an Active Directory domain named contoso.com. The domain is synced to Microsoft Azure Active Directory (Azure AD). All computers run Windows 10 Enterprise. You have four computers named Computer1, Computer2, Computer3, and ComputerA. ComputerA is in a workgroup on an isolated network segment and runs the Long Term Servicing Channel version of Windows 10. ComputerA connects to a manufacturing system and is business critical. All the other computers are joined to the domain and run the Semi-Annual Channel version of Windows 10. In the domain, you create four groups named Group1, Group2, Group3, and Group4. Computer2 has the local Group Policy settings shown in the following table. ------------------------------------------------------------------------------------------- Policy .| Security Setting ------------------------------------------------------------------------------------------- Access this computer from the network .| Group1 ------------------------------------------------------------------------------------------- Deny access to this computer from the network .| Group2 ------------------------------------------------------------------------------------------- Allow log on through Remote Desktop Services .| Group3 ------------------------------------------------------------------------------------------- Deny log on through Remote Desktop Services .| Group4 ------------------------------------------------------------------------------------------- The computers are updated by using Windows Update for Business. The domain has the users shown in the following table. ------------------------------------------------------------- Name .| Member of ------------------------------------------------------------- User1 .| Domain Admins, Domain Users ------------------------------------------------------------- User2 .| Administrators, Domain Users ------------------------------------------------------------- User3 .| Account Operators, Domain Users ------------------------------------------------------------- User4 .| Domain Users ------------------------------------------------------------- User5 .| Domain Users, Guests ------------------------------------------------------------- User6 .| Group2, Group3, Domain Users ------------------------------------------------------------- Computer1 has the local users shown in the following table. ---------------------------------------- Name .| Member of ---------------------------------------- User11 .| Administrators ---------------------------------------- User12 .| Users ---------------------------------------- User13 .| Guests ---------------------------------------- Requirements Planned Changes Contoso plans to purchase computers preinstalled with Windows 10 Pro for all the San Diego office users. Technical requirements Contoso identifies the following technical requirements: The computers in the San Diego office must be upgraded automatically to Windows 10 Enterprise and must be joined to Azure AD the first time a user starts each new computer. End users must not be required to accept the End User License Agreement (EULA). Helpdesk users must be able to troubleshoot Group Policy object (GPO) processing on the Windows 10 computers. The helpdesk users must be able to identify which Group Policies are applied to the computers. Users in the HR department must be able to view the list of files in a folder named D:\Reports on Computer3. ComputerA must be configured to have an Encrypting File System (EFS) recovery agent. Quality update installations must be deferred as long as possible on ComputerA. Users in the IT department must use dynamic lock on their primary device. User6 must be able to connect to Computer2 by using Remote Desktop. The principle of least privilege must be used whenever possible. Administrative effort must be minimized whenever possible. Kiosk (assigned access) must be configured on Computer1. You need to meet the technical requirement for User6. What should you do?. Add User6 to the Remote Desktop Users group in the domain. Remove User6 from Group2 in the domain. Add User6 to the Remote Desktop Users group on Computer2. Add User6 to the Administrators group on Computer2.

Case Study This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided. To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study. At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section. To start the case study To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the Question button to return to the question. Overview Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch offices in Seattle and New York. Contoso has IT, human resources (HR), and finance departments. Contoso recently opened a new branch office in San Diego. All the users in the San Diego office work from home. Existing environment Contoso uses Microsoft 365. The on-premises network contains an Active Directory domain named contoso.com. The domain is synced to Microsoft Azure Active Directory (Azure AD). All computers run Windows 10 Enterprise. You have four computers named Computer1, Computer2, Computer3, and ComputerA. ComputerA is in a workgroup on an isolated network segment and runs the Long Term Servicing Channel version of Windows 10. ComputerA connects to a manufacturing system and is business critical. All the other computers are joined to the domain and run the Semi-Annual Channel version of Windows 10. In the domain, you create four groups named Group1, Group2, Group3, and Group4. Computer2 has the local Group Policy settings shown in the following table. ------------------------------------------------------------------------------------------- Policy .| Security Setting ------------------------------------------------------------------------------------------- Access this computer from the network .| Group1 ------------------------------------------------------------------------------------------- Deny access to this computer from the network .| Group2 ------------------------------------------------------------------------------------------- Allow log on through Remote Desktop Services .| Group3 ------------------------------------------------------------------------------------------- Deny log on through Remote Desktop Services .| Group4 ------------------------------------------------------------------------------------------- The computers are updated by using Windows Update for Business. The domain has the users shown in the following table. ------------------------------------------------------------- Name .| Member of ------------------------------------------------------------- User1 .| Domain Admins, Domain Users ------------------------------------------------------------- User2 .| Administrators, Domain Users ------------------------------------------------------------- User3 .| Account Operators, Domain Users ------------------------------------------------------------- User4 .| Domain Users ------------------------------------------------------------- User5 .| Domain Users, Guests ------------------------------------------------------------- User6 .| Group2, Group3, Domain Users ------------------------------------------------------------- Computer1 has the local users shown in the following table. ---------------------------------------- Name .| Member of ---------------------------------------- User11 .| Administrators ---------------------------------------- User12 .| Users ---------------------------------------- User13 .| Guests ---------------------------------------- Requirements Planned Changes Contoso plans to purchase computers preinstalled with Windows 10 Pro for all the San Diego office users. Technical requirements Contoso identifies the following technical requirements: The computers in the San Diego office must be upgraded automatically to Windows 10 Enterprise and must be joined to Azure AD the first time a user starts each new computer. End users must not be required to accept the End User License Agreement (EULA). Helpdesk users must be able to troubleshoot Group Policy object (GPO) processing on the Windows 10 computers. The helpdesk users must be able to identify which Group Policies are applied to the computers. Users in the HR department must be able to view the list of files in a folder named D:\Reports on Computer3. ComputerA must be configured to have an Encrypting File System (EFS) recovery agent. Quality update installations must be deferred as long as possible on ComputerA. Users in the IT department must use dynamic lock on their primary device. User6 must be able to connect to Computer2 by using Remote Desktop. The principle of least privilege must be used whenever possible. Administrative effort must be minimized whenever possible. Kiosk (assigned access) must be configured on Computer1. You need to meet the technical requirement for the IT department users. What should you do first?. Issue computer certificates. Distribute USB keys to the IT department users. Enable screen saver and configure a timeout. Turn on Bluetooth.

You have a computer that runs Windows 10. From the Settings app, you view the connection properties shown in the following exhibit. ************** **IMAGEM** ************** Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point. set the Network profile to Private. run winrm qc at the command prompt. turn off Metered connection.

You have 15 computers that run Windows 10. Each computer has two network interfaces named Interface1 and Interface2. You need to ensure that network traffic uses Interface1, unless Interface1 is unavailable. What should you do?. Run the Set-NetIPInterface –InterfaceAlias Interface1 –InterfaceMetric 1 command. Run the Set-NetAdapterBinding –Name Interface2 –Enabled $true –ComponentID ms_tcpip –ThrottleLimit 0 command. Set a static IP address on Interface 1. From Network Connections in Control Panel, modify the Provider Order.