★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 70-680 Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/70-680-dumps.html
Exambible offers free demo for 70 680 pdf exam. "TS:Windows 7,Configuring", also known as exam 70 680 exam, is a Microsoft Certification. This set of posts, Passing the Microsoft microsoft 70 680 exam, will help you answer those questions. The 70 680 exam Questions & Answers covers all the knowledge points of the real exam. 100% real Microsoft 70 680 exam exams and revised by experts!
Q151. - (Topic 5)
A network has a main office and a branch office.
The branch office has five client computers that run Windows 7. All servers are located in the main office. All servers have BranchCache enabled.
Users at the branch office report that it takes several minutes to open large files located in the main office.
You need to minimize the amount of time it takes for branch office users to open files located in the main office.
What should you do?
A. At the main office, configure the servers to use Distributed File System Replication (DFSR).
B. At the main office, configure the Quality of Service (QoS) Packet Scheduler on all servers.
C. At the branch office, configure the client computers to use BranchCache Hosted Cache mode.
D. At the branch office, configure the client computers to use BranchCache Distributed Cache mode.
Answer: D
Q152. - (Topic 5)
You install the Windows Automated Installation Kit (WAIK) for Windows 7 on a computer that runs Windows 7.
You want to deploy a Windows image (WIM) file to other computers in the domain. You need to capture the operating system, computer configuration, and applications installed on the computer to a WIM file.
What should you do before you capture the image?
A. Run Diskpart.exe.
B. Run Oscdimg.exe.
C. Run ScanState.exe.
D. Run Sysprep.exe.
Answer: B
Explanation: Oscdimg is a command-line tool that you can use to create an image (.iso) file of a customized 32-bit or 64-bit version of Windows Preinstallation Environment (Windows PE). You can then burn the .iso file to a CD or DVD. Oscdimg supports ISO 9660, Joliet, and Universal Disk Format (UDF) file systems. Note: … You just created your Windows PE Boot Flash Drive. Now you need to capture a generalized image for deployment. If you would like to burn WindowsPE to a CD instead of a USB thumb drive. The following command will copy all of the files necessary to create a WindowsPE boot disc into an ISO image file. Then you can burn the image file to a CD to create a bootable WindowsPE CD. In the command below the ISO image file that you will want to burn is winpex86.iso Oscdimg -n -bC:\winpe_x86\Etfsboot.com C:\winpe_x86\ISO C:\winpe_x86\winpex86.iso Now burn the ISO image file winpex86.iso to a CD as a bootable image disc and you are finished!
Q153. - (Topic 1)
You have a computer that runs Windows 7.
Your network contains a DHCP server that runs Windows Server 2008 R2.
The server is configured as a Network Access Protection (NAP) enforcement point.
You need to configure the computer as a NAP client.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A. From Services, set the Netlogon service Startup Type to Automatic.
B. From Services, set the Network Access Protection Agent service Startup Type to Automatic.
C. From the NAP Client Configuration console, configure the user interface settings.
D. From the NAP Client Configuration console, enable the DHCP Quarantine Enforcement Client.
Answer: B,D
Explanation:
Network Access Protection Network Access Protection (NAP) is a feature in Windows Server 2008 that controls access to network resources based on a client computer's identity and compliance with corporate governance policy. NAP allows network administrators to define granular levels of network access based on who a client is, the groups to which the client belongs, and the degree to which that client is compliant with corporate governance policy. If a client is not compliant, NAP provides a mechanism to automatically bring the client back into compliance and then dynamically increase its level of network access.NAP Client ConfigurationNetwork Access Protection (NAP), a new feature in Windows Vista. and Windows Server. 2008, allows you to control the access of client computers to network resources based on computer identity and compliance with corporate governance policy. To implement NAP, you must configure NAP settings on both servers and client computers. There are three tools that you can use to configure NAP client settings: The NAP Client Configuration console provides a graphical user interface with which you can configure NAP client settings on the local computer or in a configuration file that you can save and apply to other computers. The Netsh commands for NAP client provide a command-line tool that you can use to configure client computers or to create a configuration file that you can save and apply to other computers. If you want to manage NAP client settings on domain member client computers, you can use the Group Policy Management Console and the Group Policy Management Editor. When you configure NAP client settings in Group Policy, these settings are applied on NAP-capable domain member client computers when Group Policy is refreshed.To enable and disable the DHCP enforcement client by using the Windows interface
1. To open the NAP Client Configuration console, click Start, click All Programs, click Accessories, click Run, type NAPCLCFG.MSC, and then click OK.
2. Click Enforcement Clients.
3. Right-click DHCP Enforcement Client, and then click Enable or Disable.Network Access Protection Agent
The Network Access Protection (NAP) agent service collects and manages health information for client computers on a network. Information collected by NAP agent is used to make sure that the client computer has the required software and settings. If a client computer is not compliant with health policy, it can be provided with restricted network access until its configuration is updated. Depending on the configuration of health policy, client computers might be automatically updated so that users quickly regain full network access without having to manually update their computer.
Q154. - (Topic 2)
You have a computer that runs windows 7.
The network contains a monitoring server named server1 Computer runs a monitoring service named service1.
Service 1 uses remote procedure. You need to ensure that service1 can receive requests from server1.
What should you do?
A. From windows Firewall with Advanced Security, create a predefined rule.
B. From windows Firewall with Advanced Security, create custom rule.
C. From the Network and Sharing Center, modify the network location settings.
D. From the Network and Sharing Center, modify the advanced sharing settings.
Answer: B
Explanation:
Creating WFAS Rules The process for configuring inbound rules and outbound rules is essentially the same: In the WFAS console, select the node that represents the type of rule that you want to create and then click New Rule. This opens the New Inbound (or Outbound) Rule Wizard. The first page, allows you to specify the type of rule that you are going to create. You can select between a program, port, predefined, or custom rule. The program and predefined rules are similar to what you can create using Windows Firewall. A custom rule allows you to configure a rule based on criteria not covered by any of the other options. You would create a custom rule if you wanted a rule that applied to a particular service rather than a program or port. You can also use a custom rule if you want to create a rule that involves both a specific program and a set of ports. For example, if you wanted to allow communication to a specific program on a certain port but not other ports, you would create a custom rule.
Q155. - (Topic 4)
A company has client computers that run Windows 7 Enterprise.
Users complain that Windows displays too many notifications when they try to install software or make changes to their computer.
You need to decrease the number of notifications that Windows displays when users try to install software or make changes to their computer.
Which two choices should you use to achieve this goal? (Each correct answer presents a complete solution. Choose two.)
A. Local Users and Groups
B. the Services management console
C. the netsh command
D. the Group Policy management console
E. share permissions
F. the folder Properties window
G. Device Manager
H. the icacls command
I. the User Account Control Settings Control Panel window
Answer: D,I
Q156. - (Topic 5)
You have a computer that runs Windows 7. The computer is a member of a workgroup.
You use Encrypting File System (EFS) to protect your local files.
You need to ensure that you can decrypt EFS files on the computer if you forget your password.
What should you do?
A. From Authorization Manager, modify the Authorization Manager options.
B. From Credential Manager, select Back up vault.
C. Create an EFS Data Recovery Agent by using Group Policy.
D. From User Accounts, select Manage your file encryption certificates.
Answer: C
Explanation: Data Recovery Agent (DRA) is a user account that has been granted permissions to access all encrypted files even if the files have been encrypted using encryption key of another user account of the computer. Administrators must create and configure Data Recovery Agents before allowing users to encrypt their files. This serves as a proactive step taken by the administrators as once user account that has encrypted the file has been deleted from the computer, in the absence of DRA the files cannot be recovered whatsoever.
Q157. - (Topic 5)
Your company Research department includes client computers that have Windows 7 and Windows Vista installed on separate partitions in a dual-boot configuration. The computers boot into Windows 7 by default or users can choose to boot into Windows Vista during startup.
The company management has decided that the Windows Vista partition must be deleted from all the computers.
You need to ensure that the staff of the Research department are not prompted to select a boot option during startup and that Windows 7 is chosen automatically.
What should you do?
A. In Windows Vista, from an elevated command prompt, run bcdedit /delete {current}.
B. Select the Selective startup option button by using msconfig.exe.
C. In Windows Vista, from an elevated command prompt, run bcdedit /delete {default}.
D. In Windows 7, from an elevated command prompt, run bcdedit /delete {default}.
Answer: A
Q158. - (Topic 3)
Your network contains computers that run Windows 7 and Windows Vista. All computers are members of the same domain. You have a computer named Computer1 that runs Windows 7.
You need to ensure that users can remotely log on to Computer1 from any computer on the network.
What should you do on Computer1?
A. Select the Allow Remote Assistance connections to this computer check box. Add the Domain Users group to the Power Users group.
B. Select the Allow Remote Assistance connections to this computer check box. Add the Domain Users group to the Administrators group.
C. Select the Allow connections from computers running any version of Remote Desktop (less secure) check box. Add the Domain Computers group to the Remote Desktop Users group.
D. Select the Allow connections only from computers running Remote Desktop with Network Level Authentication (more secure) check box. Add the Domain Users group to the Remote Desktop Users group.
Answer: D
Q159. - (Topic 2)
You have a workgroup that contains five computers. The computers run Windows 7.
A computer named Computer1 has video and audio files.
You need to share Computer1's video and audio files on the network.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A. Create a HomeGroup.
B. Move the files to a Media Library.
C. Enable all BranchCache rules in Windows Firewall.
D. Connect a removable drive and enable BitLocker To Go.
Answer: A,B
Explanation:
HomeGroup ConnectionsThis option decides how authentication works for connections to HomeGroup resources. If all computers in the HomeGroup have the same user name and passwords configured, you can set this option to allow Windows to manage HomeGroup connections. If different user accounts and passwords are present, you should configure the option to use user accounts and passwords to connect to other computers. This option is available only in the Home/Work network profile.Media Library SharingBefore you turn on Media Library Sharing for a shared folder, you should know that Media Library Sharing bypasses any type of user-account access that you set for the shared folder. For example, let's say that you turn on Media Library Sharing for the Photos shared folder, and you set the Photos shared folder to No Access for a user account named Bobby. Bobby can still stream any digital media from the Photos shared folder to any supported digital media player or DMR. If you have digital media that you do not want to stream in this manner, store the files in a folder that does not have Media Library Sharing turned on. If you turn on Media Library Sharing for a shared folder, any supported digital media player or DMR that can access your home network can also access your digital media in that shared folder. For example, if you have a wireless network and you have not secured it, anybody within range of your wireless network can potentially access your digital media in that folder. Before you turn on Media Library Sharing, make sure that you secure your wireless network. For more information, see the documentation for your wireless access point.
Q160. - (Topic 3)
You have a computer that runs Windows 7.
You have an application control policy on the computer.
You discover that the policy is not enforced on the computer.
You open the Services snap-in as shown in the exhibit. (Click the Exhibit button.)
You need to enforce the application control policy on the computer.
What should you do?
A. Set the Application Identity service Startup Type to Automatic and start the service.
B. Set the Application Information service Startup Type to Automatic and start the service.
C. Set the Application Management service Startup Type to Automatic and start the service.
D. Set the Application Experience service Startup Type to Automatic and start the service.
Answer: A
Explanation:
Application Identity service AppLocker relies upon the Application Identity Service being active. When you install Windows 7, the startup type of this service is set to Manual. When testing AppLocker, you should keep the startup type as Manual in case you configure rules incorrectly. In that event, you can just reboot the computer and the AppLocker rules will no longer be in effect. Only when you are sure that your policies are applied correctly should you set the startup type of the Application Identity Service to Automatic. You should take great care in testing AppLocker rules because it is possible to lock down a computer running Windows 7 to such an extent that the computer becomes unusable. AppLocker policies are sometimes called application control policies