Get a complete hold on 70-685 exam syllabus through Lead2pass training and boost up your skills. No need to hassle if you are stuck in exam difficulties, Lead2pass will assist you right through exam specific preparation material. Lead2pass delivers the most comprehensive preparation material, covering each and every aspect of 70-685 exam curriculum.
QUESTION 91
Twenty new laptop computers are joined to the domain.
Users of the new laptops report that they can access the Exchange server, but they cannot access file shares or internal Web sites when they are outside of the office.
Other remote users can access file shares and internal Web sites when they are outside of the office.
You need to ensure that users of the new laptops can access file shares and Web sites on the internal network when they are outside of the office.
What should you request?
A. new user certificates for the laptop users
B. new computer certificates for the laptops
C. the user accounts for the laptop users be added to the Baldwin\Direct Access group
D. the computer accounts for the laptops be added to the Baldwin\Direct Access group
Answer: D
QUESTION 92
The help desk technicians discover that Windows Defender definitions are not up-to-date on client computers. The help desk technicians report that other critical updates are applied to the client computers.
You need to ensure that all client computers have the latest Windows Defender definitions.
Your solution must comply with the corporate security policy.
What should you request?
A. a firewall exception be added for msascui.exe
B. the WSUS server be configured to download and automatically approve Windows Defender definition updates
C. the Remove access to use all Windows update features setting in the WSUS Policy GPO be set to disabled
D. the Windows Defender\Turn on definition updates through both WSUS and Windows Update setting in the WSUS Policy GPO be set to enabled
Answer: B
QUESTION 93
The help desk technicians discover that some computers have not installed the latest updates for Windows. The Windows Update log files on the computers show that to complete the installation of several updates the computers must be restarted.
You need to ensure that future updates are successfully installed on all computers.
What should you request?
A. the logon hours for all user accounts be set from 06:00 to 22:00
B. the Delay Restart for scheduled installations setting in the WSUS Policy GPO be set to disabled
C. the Allow Automatic Updates immediate installation setting in the WSUS Policy GPO be set to enabled
D. the No auto-restart with logged on users for scheduled automatic updates installations setting in the
WSUS Policy GPO be set to disabled
Answer: D
QUESTION 94
A new printer is installed on FP1 and is shared as Printer1.
Users report that they receive an error when they try to connect to \\FP1\Printer1, and that after they click OK they are prompted for a printer driver.
The server administrator confirms that the printer is functioning correctly and that he can print a test page.
You need to ensure that users are able to connect to the new printer successfully.
Your solution must minimize administrative effort.
What should you request?
A. an x86 printer driver be installed on FP1
B. the permissions be changed on the shared printer
C. a new Group Policy object (GPO) be created that includes a printer mapping for \\FP1\Printer1
D. the Devices: Prevent users from installing printer drivers setting in the Default Domain Policy be set to disabled
Answer: A
QUESTION 95
Users at the Manufacturing site must have a secondary method of decrypting their existing files if they lose access to their certificate and private key or if the EFS Admin’s certificate is not available.
You need to recommend a solution to ensure that a secondary method is available to users. The solution must not require accessing or altering the existing encrypted files before decrypting them.
What should you recommend that the users do?
A. From the command line, run the cipher.exe /e command.
B. From the command line, run the certutil.exe /backupKey command.
C. Enroll for a secondary EFS certificate.
D. Export their EFS certificates with private keys to an external location.
Answer: D
QUESTION 96
You need to recommend a solution to back up BitLocker recovery information based on the company’s existing data protection requirements.
The solution must include the backup destination and the solution prerequisites.
What should you recommend? (Choose all that apply.)
A. Upgrade all Windows XP client computers to Windows 7.
B. Store the BitLocker recovery information in Active Directory.
C. Create a GPO to enroll users for a Basic EFS certificate automatically.
D. Raise the forest functional level to Windows Server 2008 R2.
E. Store each user’s BitLocker recovery information on USB keychain drives.
F. Import the BitLockerTPMSchemaExtension.ldf file to Active Directory.
Answer: BF
QUESTION 97
A user at the Headquarters site is able to run .bat files on LAPTOP01.
However, you notice that the AppLockdown GPO was successfully applied to the computer.
You need to ensure that the user’s computer complies with the existing AppLockdown GPO
settings.
Which service should you start on LAPTOP01?
A. Application Experience
B. Application Identity
C. Application Management
D. Application Information
Answer: B
QUESTION 98
Users are prompted for authentication credentials when they browse to the intranet from the company’s servers.
You need to ensure that users can access the intranet from the company’s servers without having to enter their authentication information.
What should you do?
A. Add the intranet fully qualified domain name to the local intranet zone.
B. Enable the Automatic logon only in Intranet zone option in the Microsoft Internet Explorer settings in the GPO.
C. Reset the local intranet zone custom settings to Low.
D. Disable the Allow websites to prompt for information using scripted windows setting in the Microsoft Internet Explorer settings in the GPO.
Answer: B
QUESTION 99
Existing Internet Explorer security settings and GPOs are applied throughout the company. However, users are visiting websites known by Internet Explorer to host malicious content.
You need to ensure that users cannot visit those websites.
Which setting in the GPO should you enable to achieve this goal?
A. Turn off Managing SmartScreen Filter for Internet Explorer 8
B. Prevent Bypassing SmartScreen Filter Warnings
C. Turn on ActiveX Filtering
D. Prevent ignoring certificate errors
E. Turn off Managing Phishing filter
Answer: B
QUESTION 100
You need to identify which of the company’s client computers are candidates to use BitLocker on the operating system hard disk.
Which client computers should you recommend? (Choose all that apply.)
A. all client computers at the Sales site
B. all client computers in the Headquarters site
C. all client computers in the Manufacturing site
D. all client computers that are not TCG compliant
Answer: B
70-685 exam is worth challenging task but you should not feel hesitant against the confronting difficulties. Get a complete hold on 70-685 exam syllabus through Lead2pass training and boost up your skills. No need to hassle if you are stuck in exam difficulties, Lead2pass will assist you right through exam specific preparation material. Lead2pass delivers the most comprehensive preparation material, covering each and every aspect of 70-685 exam curriculum.