QUESTION 291
You have a computer that runs Windows 7 Professional. A USB disk is attached to the computer. You need to ensure that you can enable BitLocker To Go on the USB disk. What should you do?
A. Enable Encrypting File System (EFS).
B. Upgrade the computer to Windows 7 Enterprise.
C. Initialize the Trusted Platform Module (TPM) hardware.
D. Obtain a client certificate from an enterprise certification authority (CA).
Answer: B
Explanation:
Windows 7 ProfessionalWindows 7 Professional is available from retailers and on new computers installed by manufacturers. It supports all the features available in Windows Home Premium, but you can join computers with this operating system installed to a domain. It supports EFS and Remote Desktop Host but does not support enterprise features such as AppLocker, DirectAccess, BitLocker, and BranchCache.Windows 7 Enterprise and Ultimate EditionsThe Windows 7 Enterprise and Ultimate editions are identical except for the fact that Windows 7 Enterprise is available only to Microsoft’s volume licensing customers, and Windows 7 Ultimate is available from retailers and on new computers installed by manufacturers. The Enterprise and Ultimate editions support all the features available in other Windows 7 editions but also support all the enterprise features such as EFS, Remote Desktop Host, AppLocker, DirectAccess, BitLocker, BranchCache, and Boot from VHD.
QUESTION 292
You have a computer that runs Windows 7. You need to prevent Internet Explorer from saving any data during a browsing session. What should you do?
A. Disable the BranchCache service.
B. Modify the InPrivate Blocking list.
C. Open an InPrivate Browsing session.
D. Modify the security settings for the Internet zone.
Answer: C
Explanation:
InPrivate Mode consists of two technologies: InPrivate Filtering and InPrivate Browsing. Both InPrivate Filtering and InPrivate Browsing are privacy technologies that restrict the amount of information available about a user’s browsing session. InPrivate Browsing restricts what data is recorded by the browser, and InPrivate Filtering is used to restrict what information about a browsing session can be tracked by external third parties.
QUESTION 293
You have a stand-alone computer named Computer1 that runs Windows 7.
Several users share Computer1. You need to prevent all users who are members of a group named Group1 from running Windows Media Player. All other users must be allowed to run Windows Media Player. You must achieve this goal by using the least amount of administrative effort. What should you do?
A. From Software Restriction Policies, create a path rule.
B. From Software Restriction Policies, create a hash rule.
C. From Application Control Policies, create the default rules.
D. From Application Control Policies, create an executable rule.
Answer: D
Explanation:
Executable Rules
Executable rules apply to files that have .exe and .com file extensions. AppLocker policies are primarily about executable files, and it is likely that the majority of the AppLocker policies that you work with in your organizational environment will involve executable rules.
The default executable rules are path rules that allow everyone to execute all applications in the Program Files folder and the Windows folder. The default rules also allow members of the administrators group to execute applications in any location on the computer. It is necessary to use the default executable rules, or rules that mirror their functionality, because Windows does not function properly unless certain applications, covered by these default rules, are allowed to execute. When you create a rule, the scope of the rule is set to Everyone, even though there is not a local group named Everyone. If you choose to modify the rule, you can select a specific security group or user account. NOT Default rulesDefault rules are a set of rules that can be created automatically and which allow access to default Windows and program files. Default rules are necessary because AppLocker has a built-in fallback block rule that restricts the execution of any application that is not subject to an Allow rule. This means that when you enable AppLocker, you cannot execute any application, script, or installer that does not fall under an Allow rule. There are different default rules for each rule type. The default rules for each rule type are general and can be tailored by administrators specifically for their environments. For example, the default executable rules are path rules. Security-minded administrators might replace the default rules with publisher or hash rules because these are more secure.NOT Path RulesPath rules, allow you to specify a file, folder, or registry key as the target of a Software Restriction Policy. The more specific a path rule is, the higher its precedence. For example, if you have a path rule that sets the file C: \Program files\Application\App.exe to Unrestricted and one that sets the folder C:\Program files\Application to Disallowed, the more specific rule takes precedence and the application can execute. Wildcards can be used in path rules, so it is possible to have a path rule that specifies C:\Program files\Application\*.exe. Wildcard rules are less specific than rules that use a file’s full path. The drawback of path rules is that they rely on files and folders remaining in place. For example, if you created a path rule to block the application
C:\Apps\Filesharing.exe, an attacker could execute the same application by moving it to another directory or renaming it something other than Filesharing.exe. Path rules work only when the file and folder permissions of the underlying operating system do not allow files to be moved and renamed.NOT Hash RulesHash rules, work through the generation of a digital fingerprint that identifies a file based on its binary characteristics. This means that a file that you create a hash rule for will be identifiable regardless of the name assigned to it or the location from which you access it. Hash rules work on any file and do not require the file to have a digital signature. The drawback of hash rules is that you need to create them on a per-file basis. You cannot create hash rules automatically for Software Restriction Policies; you must generate each rule manually. You must also modify hash rules each time that you apply a software update to an application that is the subject of a hash rule. Software updates modify the binary properties of the file, which means that the modified file does not match the original digital fingerprint.
QUESTION 294
You have a computer that runs Windows 7. The IPv6 address of the computer is configured automatically. You need to identify the IPV6 address of the computer. What should you do?
A. At the command prompt, run Netstat.
B. At the command prompt run Net config.
C. From the network connection status, click Details.
D. From network connection properties, select Internet Protocol Version 6 (TCP/IPv6) and click Properties.
Answer: C
Explanation:
You can view a list of all the connection interfaces (wired and wireless) on a computer by opening Network And Sharing Center and clicking Change Adapter Settings. You can right-click any network connection and select Status. If you click Details on the Local Area Connection Status dialog box, you access the Network Connection Details information box. You can configure wireless connection behavior by clicking Change Adapter Settings in Network And Sharing Center, right-clicking your wireless adapter, and clicking Status. Clicking Details on the Status dialog box displays the adapter configuration.
QUESTION 295
You have a computer that runs Windows 7. You need to view the processes that currently generate network activity. What should you do?
A. Open Resource Monitor and click the Network tab.
B. Open Windows Task Manager and click the Networking tab.
C. Open Event Viewer and examine the NetworkProfile Operational log.
D. Open Performance Monitor and add all the counters for network interface.
Answer: A
Explanation:
Resource Monitor
Windows 7 offers an enhanced version of the Resource Monitor tool. Windows 7 Resource Monitor allows you to view information about hardware and software resource use in real time. You can filter the results according to the processes or services that you want to monitor. You can also use Resource Monitor to start, stop, suspend, and resume processes and services, and to troubleshoot unresponsive applications. You can start Resource Monitor from the Processes tab of Task Manager or by entering resmon in the Search box on the Start menu. To identify the network address that a process is connected to, click the Network tab and then click the title bar of TCP Connections to expand the table. Locate the process whose network connection you want to identify. You can then determine the Remote Address and Remote Port columns to see which network address and port the process is connected to.
QUESTION 296
You have a computer that runs Windows 7. The computer contains two volumes, C and D. You create a new folder called D:\Reports. You need to ensure that all files stored in the Reports folder are indexed by Windows Search.
What should you do?
A. Enable the archive attribute on the folder.
B. Modify the Folder Options from Control Panel.
C. Modify the properties of the Windows Search service.
D. Create a new library and add the Reports folder to the library.
Answer: D
Explanation:
Libraries enable you to organize files by using metadata about the file, such as author, date, type, tags, and so on-instantly. You’re not limited to just browsing files by folder hierarchy. When you save files in a Library, Windows?7 indexes the files. You can use Library features like the Arrange By control to instantly browse the files in the Library by metadata or use the Search Builder, which is built into the Search box in Windows Explorer, to instantly search the files in the Library by metadata.
QUESTION 297
You have a computer that runs Windows 7. You update the driver for the computer’s video card and the computer becomes unresponsive. You need recover the computer in the minimum amount of time. What should you do?
A. Restart in safe mode and then roll back the video card driver.
B. Restart in safe mode and then revert the computer to a previous restore point.
C. Start the computer from the Windows 7 installation media. Select Repair your computer and then select
System Restore.
D. Start the computer from the Windows 7 installation media. Select Repair your computer and then select
System Image Recovery.
Answer: A
Explanation:
If you install a driver that causes your computer to become unstable, you should first attempt to roll back the driver. If this does not solve the problem, you can restore system files and settings by performing a system restore to restore the computer to its last system restore point. A system restore returns a computer system to a selected restore point. System restores do not alter user files. Note that a system restore is not the same as a System Image restore.
QUESTION 298
You plan to install Windows 7 on a computer that contains a single hard disk drive. The hard disk drive is connected to a RAID controller. During the installation, you discover that the Windows 7 installation media does not include the files required to install the RAID controller. You need ensure that you can install Windows 7 on the hard disk drive. What should you do?
A. Insert the Windows installation media and press remove some files during the computer’s power-on self
test (POST).
B. Insert the Windows installation media and press F6 during the computer’s power-on self test (POST).
C. Start the computer from the Windows installation media. From the Install Windows dialog box, click Load Driver.
D. Start the computer from the Windows installation media. From the Install Windows dialog box, click Drive
options (advanced).
Answer: C
Explanation:
If your computer has special disk drive hardware, such as a redundant array of independent disks (RAID) array, it may be necessary to use the Load Driver option. It is necessary to use this option only if the disk that you want to install Windows on is not shown as a possible install location. If your disk is shown as an available option, Windows 7 has already loaded the appropriate drivers. Once you select the location where you want to install Windows 7, the Windows 7 installation process begins.
QUESTION 299
You have an offline virtual hard disk (VHD) that contains a generalized installation of Windows 7 Ultimate. You need to disable the built-in games in the VHD. You must achieve this goal by using the minimum amount of administrative effort. What should you do?
A. Start a computer from the VHD. Run Ocsetup.exe and specify the /uninstall parameter. Recapture the VHD.
B. Start a computer from the VHD. From Programs and Features, turn off the Games feature and then recapture
the VHD.
C. Create an answer file that has InboxGames disabled. On a computer that runs Windows 7, attach the VHD.
Run Pkgmgr.exe and specify the /uu parameter.
D. Create an answer file that has InboxGames disabled. On a computer that runs Windows 7, attach the VHD.
Run Dism.exe and specify the /apply-unattend parameter.
Answer: D
Explanation:
Dism
Deployment Image Servicing and Management (DISM) is a command-line tool used to service Windows images offline before deployment. You can use it to install, uninstall, configure, and update Windows features, packages, drivers, and international settings. Subsets of the DISM servicing commands are also available for servicing a running operating system. /Apply-Unattend (Applies an unattend.xml file to an image.) If you are updating device drivers using an unattended answer file, you must apply the answer file to an offline image and specify the settings in the offlineServicing configuration pass. If you are updating packages or other settings using an unattended answer file, you can apply the answer file to an offline or online image. Specify the settings in the offlineServicing configuration pass.
QUESTION 300
You have a computer that runs Windows 7 Professional. You need to upgrade the computer to Windows 7 Ultimate. You must achieve this goal in the minimum amount of time. What should you do?
A. Run Windows Update.
B. Run Windows Anytime Upgrade.
C. From the Windows 7 installation media, run Setup.exe.
D. From the Windows 7 installation media, run Migwiz.exe.
Answer: B
Explanation:
Windows Anytime Upgrade With Windows Anytime Upgrade, shown in Figure,you can purchase an upgrade to an application over the Internet and have the features unlocked automatically. This upgrade method is more suitable for home users and users in small businesses where a small number of intra-edition upgrades is required.
If you want to pass Microsoft 70-680 successfully, donot missing to read latest lead2pass Microsoft 70-680 exam questions.
If you can master all lead2pass questions you will able to pass 100% guaranteed.