Microsoft Windows Support Technician 70-685 Practice Test 2024

The 70-685: TS: Windows 7 Enterprise Desktop Support Technician course is tailored for IT professionals seeking to acquire the essential skills for supporting and troubleshooting Windows 7 systems within an enterprise setting. This course encompasses a wide range of topics related to the installation, configuration, and management of Windows 7, ensuring participants are well-equipped to tackle desktop support

Key Areas Covered

Installing and Configuring Windows 7: Participants will learn the procedures for installing and configuring Windows 7, including upgrades from earlier versions, clean installations, and customization of system settings.
Managing and Maintaining Windows 7: This section explores techniques for managing user accounts, system settings, and performing backups and restorations. Participants will gain insights into maintaining system performance and managing updates.
Troubleshooting Windows 7: Skills in diagnosing and resolving common Windows 7 issues, including hardware and software problems, will be developed. Participants will utilize built-in tools like Event Viewer, Device Manager, and Performance Monitor for effective troubleshooting.
Configuring and Troubleshooting Networking: This area covers setting up and troubleshooting network connections, both wired and wireless. Participants will learn to configure network services such as DNS, DHCP, and VPN, along with managing network security settings.
Configuring and Troubleshooting Security: Participants will implement and manage Windows 7 security features, including User Account Control (UAC), BitLocker, and Windows Defender, while addressing security-related issues and configuring Group Policy settings.
Managing and Troubleshooting Applications: This section focuses on configuring and managing applications, including installations, updates, and compatibility issues, as well as utilizing compatibility tools to resolve performance problems.

Target Audience

This course is ideal for desktop support technicians, IT support specialists, and system administrators looking to enhance their skills in managing and supporting Windows 7 in a corporate environment. By the end of the course, participants will possess practical knowledge and hands-on experience necessary for effective Windows 7 desktop support and troubleshooting.

Learning Outcomes

Support for Windows 7 Clients (40-45%): Install and configure Windows 7.
Troubleshoot Windows 7 (30-35%): Diagnose and resolve startup issues.
Optimize Windows 7 Performance (15-20%): Implement performance improvements.
Manage Windows 7 Deployment (10-15%): Utilize tools and technologies for deploying Windows 7 in enterprise environments.

Prerequisites

Basic Understanding of Windows Operating Systems: Familiarity with Windows operating systems is essential.
Knowledge of Networking Concepts: Understanding of basic networking concepts and configurations, including TCP/IP, DNS, DHCP, and VPN.
Familiarity with Security Features: Basic knowledge of Windows 7 security features is recommended.

Intended Audience

This course is designed for system administrators, IT support specialists, and IT professionals preparing for certification.

1 The chief financial officer (CFO) releases new guidelines that specify that only users from finance are allowed to run FinanceApp1. Users in the Marketing OU report that they can run FinanceApp1. You need to ensure that only users in the Finance OU can run FinanceApp1. What should you do?
1. A. In the AllComputers GPO, create a new AppLocker executable rule.
  Explanation
  Creating a new AppLocker executable rule in the AllComputers GPO will allow you to specify that only users from the Finance OU can run FinanceApp1. This rule will restrict access to the application based on the user's organizational unit, ensuring that only users in the Finance OU can run the application.
2. B. In the Desktops GPO and the Laptops GPO, create a new Windows Installer rule.
  Explanation
  Creating a new Windows Installer rule in the Desktops GPO and the Laptops GPO is not the correct approach to restrict access to FinanceApp1 based on the user's organizational unit. Windows Installer rules are typically used for controlling the installation of software, not for restricting access to already installed applications based on user groups.
3. C. In the AllComputers GPO, create a software restriction policy and define a new hash rule.
  Explanation
  Creating a software restriction policy and defining a new hash rule in the AllComputers GPO is not the most appropriate solution for ensuring that only users in the Finance OU can run FinanceApp1. Hash rules are used to identify specific files based on their content, not to restrict access to applications based on user groups.
4. D. In the Desktops GPO and the Laptops GPO, create a software restriction policy and define a new path rule.
  Explanation
  Creating a software restriction policy and defining a new path rule in the Desktops GPO and the Laptops GPO is not the correct method to ensure that only users in the Finance OU can run FinanceApp1. Path rules are used to restrict access to applications based on their file path, not based on user groups within the organization.
Correct!

Wrong!

Overall Explanation

Correct Answer: A
2 Users in the ERPApp1 pilot project report intermittent application issues. You need to consolidate all application events for the users in a central location. What should you do?
1. A. Configure event subscriptions.
  Explanation
  Configuring event subscriptions allows you to collect events from multiple computers and store them in a central location. This will help consolidate all application events for the users in the ERPApp1 pilot project and make it easier to analyze and troubleshoot any intermittent application issues they are experiencing.
2. B. Configure the Advanced Audit Policy Configuration settings.
  Explanation
  Configuring the Advanced Audit Policy Configuration settings is more focused on auditing and security-related events rather than consolidating application events for troubleshooting purposes. While it can be useful for monitoring and tracking system changes, it may not be the most effective solution for consolidating application events.
3. C. Create a custom view in Event Viewer.
  Explanation
  Creating a custom view in Event Viewer allows you to filter and view specific events based on criteria you define. While this can be helpful for organizing and viewing events, it does not provide a centralized location for consolidating all application events from multiple users in the ERPApp1 pilot project.
4. D. Create a user-defined Data Collector Set.
  Explanation
  Creating a user-defined Data Collector Set is more geared towards performance monitoring and data collection for system analysis. While it can capture performance-related data, it may not be the most suitable option for consolidating application events for troubleshooting intermittent application issues reported by users in the ERPApp1 pilot project.
Correct!

Wrong!

Overall Explanation

Correct Answer: A
3 The help desk reports that users in the Marketing OU print draft documents, e-mails, and other miscellaneous documents on Printer2. You need to recommend a solution so that marketing users print documents to Printer1 by default. What should you do?
1. A. Enable printer pooling.
  Explanation
  Enabling printer pooling allows multiple printers to be grouped together as a single virtual printer. This solution does not address the specific requirement of redirecting marketing users to print to Printer1 by default.
2. B. Configure Group Policy Preferences.
  Explanation
  Configuring Group Policy Preferences allows you to set default printer settings for specific users or groups. By setting Printer1 as the default printer for users in the Marketing OU through Group Policy Preferences, you can ensure that they print to Printer1 by default.
3. C. Modify the priorities of the shared printers.
  Explanation
  Modifying the priorities of shared printers does not directly address the issue of redirecting marketing users to print to Printer1 by default. Printer priorities determine the order in which print jobs are processed, not the default printer for specific users or groups.
4. D. Modify the permissions of the shared printers.
  Explanation
  Modifying the permissions of shared printers controls who can access and manage the printers, but it does not address the requirement of setting Printer1 as the default printer for marketing users. Printer permissions are related to security and access control, not printer defaults.
Correct!

Wrong!

Overall explanation

Correct Answer: B
4 The Office1 network link is brought offline for emergency maintenance. Users in Office2 and Office3 report that they cannot connect to the wireless network. You need to recommend changes to ensure that users in all offices can connect to the wireless network if a WAN link fails. What should you recommend?
1. A. that redundant DHCP scopes be created
  Explanation
  Creating redundant DHCP scopes will ensure that users in all offices can still obtain IP addresses and connect to the wireless network even if the WAN link fails. This redundancy will prevent network connectivity issues during emergencies.
2. B. that additional RADIUS servers be deployed
  Explanation
  Deploying additional RADIUS servers will not directly address the issue of users in Office2 and Office3 being unable to connect to the wireless network when the WAN link fails. RADIUS servers are primarily used for authentication and authorization, not for ensuring network connectivity during link failures.
3. C. that universal group caching be implemented
  Explanation
  Implementing universal group caching will not solve the problem of users in Office2 and Office3 being unable to connect to the wireless network when the WAN link fails. Universal group caching is related to Active Directory group membership caching and does not impact network connectivity in the event of a WAN link failure.
4. D. that additional default gateways be configured
  Explanation
  Configuring additional default gateways will not guarantee that users in all offices can connect to the wireless network if a WAN link fails. Default gateways are used for routing traffic outside of the local network and do not directly address the issue of wireless network connectivity during link failures.
Correct!

Wrong!

Overall explanation

Correct Answer: B
5 The company purchases 500 USB flash drives from a new hardware vendor and distributes them to the users. The help desk reports that the users are unable to access the new USB flash drives. You need to ensure that users can save data on the USB flash drives. What should you do?
1. A. Instruct the help desk to modify the BitLocker settings.
  Explanation
  Modifying the BitLocker settings is not relevant to the issue of users being unable to access the new USB flash drives. BitLocker is used for encrypting drives, not enabling access to them.
2. B. Instruct the help desk to modify the Windows Defender settings.
  Explanation
  Modifying the Windows Defender settings is not related to the issue of users being unable to access the new USB flash drives. Windows Defender is an antivirus program, not a tool for enabling access to external devices
3. C. Request that an administrator modify the driver signing policy.
  Explanation
  Modifying the driver signing policy is not the appropriate action to take in this scenario. Driver signing policies are related to the installation of device drivers, not enabling access to USB flash drives.
4. D. Request that an administrator modify the device installation restriction policy.
  Explanation
  Modifying the device installation restriction policy is the correct action to take in this scenario. By adjusting this policy, users will be able to install and access the new USB flash drives without any restrictions.
Correct!

Wrong!

Overall Explanation

Correct Answer: D
6 The company is deploying a new application. When users attempt to install the application, they receive an error message indicating that they need administrative privileges to install it. You need to recommend a solution to ensure that users can install the application. The solution must adhere to the corporate security guidelines. What should you recommend?
1. A. Publish the application by using a Group Policy.
  Explanation
  Publishing the application using a Group Policy allows administrators to deploy the application to users without requiring administrative privileges. This method ensures that users can install the application without compromising security guidelines, as the deployment is controlled and managed centrally.
2. B. Disable User Account Control (UAC) by using a Group Policy.
  Explanation
  Disabling User Account Control (UAC) through Group Policy is not recommended as it weakens the security of the system. UAC helps prevent unauthorized changes to the system and disabling it can expose the system to potential security risks. It is not the appropriate solution to allow users to install applications.
3. C. Add all domain users to the local Power Users group by using Restricted Groups.
  Explanation
  Adding all domain users to the local Power Users group using Restricted Groups can grant users elevated privileges that may not be necessary for installing the application. This approach can lead to security vulnerabilities and is not in line with corporate security guidelines.
4. D. Add the current users to the local Administrators group by using Group Policy preferences.
  Explanation
  Adding current users to the local Administrators group using Group Policy preferences grants users full administrative privileges, which can pose a security risk. Giving users unnecessary administrative access can lead to unauthorized changes to the system and compromise security. It is not the recommended solution for allowing users to install applications while adhering to corporate security guidelines.
Correct!

Wrong!

Overall explanation

Correct Answer: A
7 Several mobile users access the Internet by using cellular connections. The help desk reports a high volume of calls from mobile users who report the following connection problems: When their cellular connections fail, their VPN connections also fail. When their cellular connections are reestablished, they must manually connect to the VPN server. You need to recommend a solution to ensure that the VPN connections are automatically reestablished. What should you recommend?
1. A. Implement an IKEv2 VPN
  Explanation
  Implementing an IKEv2 VPN is the correct solution as it supports automatic reconnection when the network connection is lost and then reestablished. This will ensure that the VPN connections are automatically reestablished without the need for manual intervention, addressing the reported issue from mobile users.
2. B. Implement an SSTP-based VPN
  Explanation
  Implementing an SSTP-based VPN may not be the most suitable solution for this scenario. While SSTP is a secure VPN protocol, it may not provide the automatic reconnection feature that is needed to address the reported connection problems from mobile users.
3. C. Configure credential roaming
  Explanation
  Configuring credential roaming is not directly related to automatically reestablishing VPN connections when cellular connections fail. While credential roaming can help users access their credentials across different devices, it does not address the specific issue of VPN connections failing and requiring manual reconnection.
4. D. Configure a Kerberos user ticket lifetime
  Explanation
  Configuring a Kerberos user ticket lifetime is not the appropriate solution for ensuring that VPN connections are automatically reestablished when cellular connections fail. This setting determines how long a user's Kerberos ticket is valid and does not address the automatic reconnection of VPN connections in the event of network disruptions.
Correct!

Wrong!

Overall explanation

Correct Answer: A
8 Five users from the main office travel to the branch office. The users bring their portable computers. The help desk reports that the users are unable to access any network resources from the branch office. Branch office users can access the network resources. You need to ensure that the main office users can access all network resources by using their portable computers in the branch office. The solution must adhere to the corporate security guidelines. What should you instruct the help desk to do on the portable computers?
1. A. Create a new VPN connection
  Explanation
  Creating a new VPN connection on the portable computers will allow the main office users to securely access network resources from the branch office. This will establish a secure connection and ensure that corporate security guidelines are followed while enabling access to resources.
2. B. Add the users to the local Administrators group.
  Explanation
  Adding the users to the local Administrators group on the portable computers is not the correct solution to enable access to network resources from the branch office. This action could potentially compromise security by granting unnecessary administrative privileges to the users.
3. C. Add the users to the Network Configuration Operators group.
  Explanation
  Adding the users to the Network Configuration Operators group on the portable computers is not the appropriate solution to address the issue of accessing network resources from the branch office. This group is typically used for managing network configuration settings, not for enabling access to resources in a different location.
4. D. Configure the alternate configuration for the local area connection.
  Explanation
  Configuring the alternate configuration for the local area connection on the portable computers is not the recommended solution to ensure main office users can access network resources from the branch office. This setting is typically used for specifying alternate network settings in case the primary configuration fails, and it does not address the issue of accessing resources in a different location.
Correct!

Wrong!

Overall explanation

Correct Answer: D
9 Users report that their DirectAccess connections fail. You instruct the help desk to tell the users to run the Connection to a Workplace Using DirectAccess troubleshooter. The help desk reports that the Connection to a Workplace Using DirectAccess troubleshooter fails to function. You need to ensure that the Connection to a Workplace Using DirectAccess troubleshooter functions properly. What should you do?
1. A. Instruct the help desk to enable IPv6 on the users' computers.
  Explanation
  Enabling IPv6 on the users' computers is important for DirectAccess connections as DirectAccess relies on IPv6 connectivity. Without IPv6 enabled, the DirectAccess troubleshooter may fail to function properly.
2. B. Instruct the help desk to modify the users' Windows Firewall settings.
  Explanation
  Modifying the users' Windows Firewall settings may be necessary to allow DirectAccess connections to function properly. However, this action may not directly address the issue with the Connection to a Workplace Using DirectAccess troubleshooter failing to work.
3. C. Request that the domain administrator configure the Teredo State Group Policy
  setting.Explanation
  Configuring the Teredo State Group Policy setting is important for DirectAccess connections, as Teredo is a technology used to enable IPv6 connectivity over IPv4 networks. However, this setting may not directly impact the functionality of the Connection to a Workplace Using DirectAccess troubleshooter.
4. D. Request that the domain administrator configure the Corporate Website Probe URL Group Policy setting.
  Explanation
  Configuring the Corporate Website Probe URL Group Policy setting is essential for the proper functioning of the Connection to a Workplace Using DirectAccess troubleshooter. This setting allows the troubleshooter to check the connectivity to the corporate website, which is crucial for troubleshooting DirectAccess connection issues.
Correct!

Wrong!

Overall explanation

Correct Answer: D
10 The company implements a data recovery agent (DRA) for Bitlocker. A portable computer fails. The help desk reports that it is unable to use the DRA to recover the data from the computer's hard disk drive. You need to ensure that the DRA can be used to recover data from the hard disk drives of all portable computers. Which tool should you use?
1. A. CertUtil.exe
  Explanation
  CertUtil.exe is a command-line program that is used to display information about certificates. It is not directly related to managing Bitlocker encryption or data recovery, so it is not the correct tool to use in this scenario.
2. B. Cipher.exe
  Explanation
  Cipher.exe is a command-line tool that is used to encrypt or decrypt files and folders. While it can be used for managing encryption, it is not specifically designed for managing Bitlocker encryption or data recovery, so it is not the correct tool to use in this scenario.
3. C. Manage-bde.exe
  Explanation
  Manage-bde.exe is a command-line tool that is specifically designed for managing Bitlocker encryption on Windows devices. It allows users to perform various Bitlocker-related tasks, including data recovery using the DRA. Therefore, it is the correct tool to use in this scenario to ensure that the DRA can be used to recover data from the hard disk drives of portable computers.
4. D. SDelete.exe
  Explanation
  SDelete.exe is a command-line tool that is used to securely delete files and clean disk space. It is not designed for managing Bitlocker encryption or data recovery, so it is not the correct tool to use in this scenario.
Correct!

Wrong!

Overall explanation

Correct Answer: C
11 Users in the research department report that they cannot run App1 or Windows XP Mode. You need to ensure that all research department users can run App1. You need to achieve this goal by using the minimum amount of administrative effort. What should you do?
1. A. Approve all Windows 7 updates on WSUS1.
  Explanation
  Approving all Windows 7 updates on WSUS1 is the correct choice because App1 and Windows XP Mode may require specific updates or patches to run properly. By ensuring that all Windows 7 updates are approved on WSUS1, you can address any potential compatibility issues that may be preventing users in the research department from running App1.
2. B. Enable hardware virtualization on the research department computers.
  Explanation
  Enabling hardware virtualization on the research department computers may not directly address the issue of users not being able to run App1 or Windows XP Mode. While hardware virtualization can be beneficial for running virtual machines, it may not be the most efficient solution for ensuring that all research department users can run App1 with the minimum amount of administrative effort.
3. C. Give each member of the research department a computer that has an Intel Core i5 processor.
  Explanation
  Giving each member of the research department a computer that has an Intel Core i5 processor may not be necessary to resolve the issue of users not being able to run App1 or Windows XP Mode. While having a more powerful processor can improve performance, it may not directly address any underlying compatibility issues that are preventing users from running the applications.
4. D. Request that a domain administrator create a GPO that configures the Windows Remote Management (WinRM) settings.
  Explanation
  Requesting a domain administrator to create a GPO that configures the Windows Remote Management (WinRM) settings may not be the most effective solution for ensuring that all research department users can run App1. WinRM settings are typically used for remote management and may not directly impact the ability to run specific applications like App1 or Windows XP Mode.
Correct!

Wrong!

Overall explanation

Correct Answer: B
12 Datum hires several consultants to work at the main office for six months. The consultants require Internet access. The help desk reports that the consultants cannot access the company's wireless network. You need to ensure that the consultants have wireless access to the Internet. The solution must adhere to the corporate security policy. What should you request?
1. A. that a wireless access key be given to each consultant
  Explanation
  Providing a wireless access key to each consultant may not be the most secure solution as the key can be easily shared or compromised, potentially violating the corporate security policy.
2. B. that a user certificate be generated and imported to each consultant's computer
  Explanation
  Generating and importing a user certificate to each consultant's computer may provide secure authentication for accessing the wireless network, but it may not directly address the issue of connecting to the Internet, which is the primary requirement.
3. C. that a computer certificate be generated and imported to each consultant's computer
  Explanation
  Generating and importing a computer certificate to each consultant's computer may enhance security for network access, but it may not directly solve the issue of connecting to the Internet, which is the main goal in this scenario.
4. D. that a network administrator install a wireless access point that is connected directly to the Internet
  Explanation
  Installing a wireless access point directly connected to the Internet by a network administrator ensures that the consultants have secure wireless access to the Internet while adhering to the corporate security policy. This solution provides a direct and secure connection for Internet access without compromising network security.
Correct!

Wrong!

Overall explanation

Correct Answer: D
13 The motherboard on a portable computer fails. The data on the computer's hard disk drive cannot be recovered. You need to recommend a solution to ensure that the data on hard disks can be recovered if the motherboard on other portable computers fail Which two configurations should you recommend?
1. A. Disable BitLocker on all portable computers.
  Explanation
  Disabling BitLocker on all portable computers will not help in ensuring data recovery if the motherboard fails. BitLocker encryption is designed to protect data, and disabling it will not contribute to data recovery in case of hardware failure.
2. B. Convert the hard disks on all portable computers to dynamic disks.
  Explanation
  Converting the hard disks on all portable computers to dynamic disks will not directly help in ensuring data recovery if the motherboard fails. Dynamic disks offer advanced storage features, but they do not specifically address data recovery in case of hardware failure.
3. C. Export and securely store the computer certificates on all portable computers.
  Explanation
  Exporting and securely storing the computer certificates on all portable computers can be a good recommendation to ensure data recovery if the motherboard fails. Computer certificates are used to access encrypted data, and having them securely stored can aid in data recovery efforts.
4. D. Configure the BitLocker settings on all portable computers by using Group Policy.
  Explanation
  Configuring the BitLocker settings on all portable computers by using Group Policy can be a helpful recommendation to ensure data recovery if the motherboard fails. Group Policy settings can help manage BitLocker encryption and recovery options, which can be crucial in recovering data from encrypted drives in case of hardware failure.
Correct!

Wrong!

Overall explanation

Correct Answer: A and D
14 The help desk reports that several client computers in branch office 1 are missing security updates. You need to identify which security updates are missing. What should you request?
1. A. that a WSUS administrator generate a Computer Report from WSUS1
  Explanation
  Requesting a WSUS administrator to generate a Computer Report from WSUS1 is the correct choice because WSUS (Windows Server Update Services) is a tool used to manage and distribute updates within a network. By generating a Computer Report, you can identify which security updates are missing on the client computers in branch office 1.
2. B. that a domain administrator run the Microsoft Baseline Security Analyzer (MBSA)
  Explanation
  Asking a domain administrator to run the Microsoft Baseline Security Analyzer (MBSA) is not the most appropriate choice for identifying missing security updates on client computers. MBSA is a tool used to scan for common security misconfigurations and missing security updates on a single computer, not across multiple computers in a branch office.
3. C. that a desktop support technician run a Windows Defender scan on each computer
  Explanation
  Requesting a desktop support technician to run a Windows Defender scan on each computer is not the best option for identifying missing security updates. Windows Defender is an antivirus program that focuses on malware detection and removal, rather than specifically identifying missing security updates.
4. D. that a desktop support technician generate a System Configuration report for each computer
  Explanation
  Asking a desktop support technician to generate a System Configuration report for each computer is not the most effective way to identify missing security updates. A System Configuration report provides information about the hardware and software configuration of a computer, but it does not specifically highlight missing security updates.
Correct!

Wrong!

Overall explanation

Correct Answer: B
15 The company hires an additional 100 users. The users are unable to install the custom application. You need to ensure that the users can install the custom application. What should you do?
1. A. Disable User Account Control (UAC).
  Explanation
  Disabling User Account Control (UAC) will allow the users to install applications without being prompted for permission each time. This will streamline the installation process and ensure that the users can install the custom application without any interruptions.
2. B. Add the users to the local Administrators group.
  Explanation
  Adding the users to the local Administrators group will give them elevated privileges, allowing them to install applications. However, this approach is not recommended as it poses security risks and may lead to unauthorized changes to the system.
3. C. Request that the application package be re-signed.
  Explanation
  Requesting that the application package be re-signed may address issues related to the application's digital signature, but it will not directly enable the users to install the custom application. This solution may be necessary for security reasons but is not the most immediate solution to the installation problem.
4. D. Request that the user certificates be issued to the new users.
  Explanation
  Requesting that user certificates be issued to the new users will not directly address the issue of users being unable to install the custom application. User certificates are typically used for authentication and encryption purposes, not for enabling application installations.
Correct!

Wrong!

Overall explanation

Correct Answer: C
16 You deploy Microsoft Office 2007 to a pilot group in the main office. Users in the pilot group report that all of the Office 2007 applications run successfully. You deploy Office 2007 to users in the New York call center. The call center users report that they are unable to launch the Office 2007 applications. You need to ensure that the call center users can run all of the Office 2007 applications. What should you do?
1. A. Modify the AppLocker rule.
  Explanation
  Modifying the AppLocker rule can allow the call center users to run the Office 2007 applications by adjusting the application control policies to permit the execution of the necessary programs. This can help resolve any restrictions that may be preventing the applications from launching.
2. B. Disable User Account Control (UAC).
  Explanation
  Disabling User Account Control (UAC) may not directly address the issue of the call center users being unable to launch the Office 2007 applications. UAC is a security feature that helps prevent unauthorized changes to the system, but it is not typically related to application launch issues.
3. C. Deploy the 2007 Office system Administrative Template files.
  Explanation
  Deploying the 2007 Office system Administrative Template files may provide additional configuration options for managing Office 2007 settings, but it may not directly address the specific issue of the call center users being unable to run the applications. This choice may not be the most effective solution in this scenario.
4. D. Configure the Office 2007 applications to run in Windows Vista compatibility mode.
  Explanation
  Configuring the Office 2007 applications to run in Windows Vista compatibility mode may not be the most appropriate solution for addressing the issue of the call center users being unable to launch the applications. Compatibility mode settings are typically used to address compatibility issues with older software on newer operating systems, and may not resolve the specific issue at hand.
Correct!

Wrong!

Overall explanation

Correct Answer: A
17 At 08:00 on a Tuesday morning, an administrator in Site 3 takes DC3 offline to update the server. Users in Site 3 report that they cannot log on to their computers. The users receive the following error message: "Your account has time restrictions that prevent you from logging on at this time. Please try again later." You need to ensure that all users can log on to their computers when DC3 is offline for maintenance. Your solution must adhere to the corporate security policies. What should you do?
1. A. Modify the logon hours for all users in Site 3.
  Explanation
  Modifying the logon hours for all users in Site 3 would allow them to log on at any time, regardless of the server status. This solution would ensure that users can log on to their computers even when DC3 is offline for maintenance, but it may not be the most efficient or secure solution as it overrides the existing time restrictions.
2. B. Change the time zone settings for all client computers in Site 3 to UTC-05:00.
  Explanation
  Changing the time zone settings for all client computers in Site 3 to UTC-05:00 would not address the issue of users being unable to log on when DC3 is offline. Time zone settings are not related to logon restrictions, so this solution would not allow users to log on during server maintenance.
3. C. Request that a second domain controller be deployed in Site 3.
  Explanation
  Requesting a second domain controller to be deployed in Site 3 would provide redundancy and ensure that users can authenticate and log on even when DC3 is offline for maintenance. This solution aligns with corporate security policies by maintaining high availability and ensuring uninterrupted access for users.
4. D. Request that the time zone settings for DC1 and DC2 be changed to UTC-08:00.
  Explanation
  Requesting that the time zone settings for DC1 and DC2 be changed to UTC-08:00 would not solve the issue of users being unable to log on when DC3 is offline. Time zone settings on domain controllers do not affect user logon restrictions, so this solution would not address the problem at hand.
Correct!

Wrong!

Overall explanation

Correct Answer: C
18 You have two external consultants. The consultants use their own personal portable computers. The consultants report that they are unable to connect to your wireless network. You need to give the consultants wireless access to the Internet. The solution must prevent external consultants from accessing internal resources. What should you do?
1. A. Issue a user certificate to the consultants.
  Explanation
  Issuing a user certificate to the consultants will allow them to connect to the wireless network securely without accessing internal resources. User certificates authenticate the user's identity without granting access to the domain or internal resources, making it the appropriate choice in this scenario.
2. B. Issue a computer certificate to the consultants.
  Explanation
  Issuing a computer certificate to the consultants would not be the most suitable solution in this case. Computer certificates are used to authenticate the computer itself, not the user, and may not provide the necessary security measures to prevent access to internal resources.
3. C. Join both portable computers to the domain. Add the computer accounts to the MargiesTravelWireless group.
  Explanation
  Joining the portable computers to the domain and adding their computer accounts to a specific group may provide network access, but it does not guarantee the prevention of access to internal resources. This solution may also introduce unnecessary complexity and potential security risks.
4. D. Create a domain user account for each consultant. Add the user accounts to the MargiesTravelWireless group.
  Explanation
  Creating domain user accounts for the consultants and adding them to a specific group may grant access to the wireless network, but it does not ensure the prevention of access to internal resources. User accounts alone may not provide the necessary security measures to restrict access to sensitive information.
Correct!

Wrong!

Overall explanation

Correct Answer: B
19 Users access a third-party Web site. The Web site is updated to use Microsoft Silverlight. After the update, the help desk receives a high volume of phone calls from users who report that the Web site fails to function. You need to ensure that the Web site functions properly for the users. What should you do?
1. A. Modify the Windows Internet Explorer AJAX settings by using a Group Policy object (GPO).
  Explanation
  Modifying the Windows Internet Explorer AJAX settings through a Group Policy object (GPO) can help ensure that the Web site functions properly for users accessing it. This setting adjustment can potentially resolve any issues related to the functionality of the Microsoft Silverlight-based Web site.
2. B. Modify the Windows Internet Explorer add-ons settings by using a Group Policy object (GPO).
  Explanation
  Modifying the Windows Internet Explorer add-ons settings through a Group Policy object (GPO) may not directly address the specific issue of the Web site failing to function after the update to Microsoft Silverlight. This setting adjustment may not be the most effective solution in this scenario.
3. C. Add the Web site to the Windows Internet Explorer Restricted sites by using a Group Policy object (GPO).
  Explanation
  Adding the Web site to the Windows Internet Explorer Restricted sites through a Group Policy object (GPO) may further restrict access to the site, potentially exacerbating the issue of the Web site failing to function for users. This action may not resolve the underlying problem.
4. D. Add the Web site to the Windows Internet Explorer Compatibility View list by using a Group Policy object (GPO).
  Explanation
  Adding the Web site to the Windows Internet Explorer Compatibility View list through a Group Policy object (GPO) may not directly address the issue of the Web site failing to function after the update to Microsoft Silverlight. This setting adjustment may not be the most appropriate solution to ensure proper functionality for users accessing the site.
Correct!

Wrong!

Overall explanation

Correct Answer: B
20 The help desk reports that remote desktop connections are not enabled on the public computers in the chalets. Consequently, the help desk must instruct local staff to enable remote desktop connections on each public computer. You need to ensure that remote desktop connections are enabled when public computers are deployed in the chalets. What should you do?
1. A. Enable Remote Desktop Connection in the standard computer image.
  Explanation
  Enabling Remote Desktop Connection in the standard computer image ensures that remote desktop connections are already enabled when the public computers are deployed in the chalets. This approach eliminates the need for manual intervention by the help desk to enable remote desktop connections on each computer individually.
2. B. Instruct the help desk to enable Windows Remote Management (WinRM) on the public computers.
  Explanation
  Instructing the help desk to enable Windows Remote Management (WinRM) on the public computers is not directly related to enabling remote desktop connections. WinRM is used for remote management and monitoring, not for enabling remote desktop access for users to connect to the computers.
3. C. Request that a network administrator create a logon script for the domain.
  Explanation
  Requesting a network administrator to create a logon script for the domain is not the most efficient solution for enabling remote desktop connections on public computers in the chalets. A logon script typically runs when a user logs in and may not be the best method for ensuring remote desktop connections are consistently enabled on all computers.
4. D. Request that a network administrator create a new Group Policy to enable remote desktop connections. Link the new Group Policy to each site.
  Explanation
  Requesting a network administrator to create a new Group Policy to enable remote desktop connections and linking it to each site is a valid approach to ensure remote desktop connections are enabled on all public computers in the chalets. Group Policies provide centralized management and configuration settings, making it easier to enforce specific settings across multiple computers.
Correct!

Wrong!

Overall explanation

Correct Answer: A
21 Remote users report that after they renew their smart card certificates, they are unable to log on to their computers by using their smart cards. You need to ensure that users can log on by using their smart cards. What should you instruct the users to do?
1. A. Change their smart card PINs.
  Explanation
  Changing their smart card PINs may not resolve the issue of being unable to log on after renewing their smart card certificates. The issue is likely related to the authentication process rather than the PIN itself.
2. B. Request a new smart card certificate.
  Explanation
  Requesting a new smart card certificate may not be necessary as the users have already renewed their certificates. The issue may lie in the authentication process rather than the validity of the certificate.
3. C. Log on by using their user names and passwords, and then lock and unlock their computers.
  Explanation
  Logging on using user names and passwords and then locking and unlocking the computers will not address the specific issue of being unable to log on using smart cards after certificate renewal. This workaround does not address the root cause of the problem.
4. D. Establish a VPN connection from the logon screen and use their smart cards for authentication.
  Explanation
  Establishing a VPN connection from the logon screen and using their smart cards for authentication can help resolve the issue. This method ensures that the smart card authentication process is properly initiated, allowing users to log on successfully after renewing their smart card certificates.
Correct!

Wrong!

Overall explanation

Correct Answer: D
22 The VPN connection between Site 1 and Site 3 fails. Users in Site 3 report that their computers take a long time to start and that they are unable to access the Internet. You need to ensure that users in Site 3 are able to access the Internet if the VPN connection between Site 1 and Site 3 fails. What should you request an administrator to do?
1. A. Add the DHCP server role to DC3.
  Explanation
  Adding the DHCP server role to DC3 will ensure that users in Site 3 can obtain IP addresses and network configuration information even if the VPN connection between Site 1 and Site 3 fails. This will allow them to access the Internet and other network resources within their local network.
2. B. Add the DNS server role to Server3.
  Explanation
  Adding the DNS server role to Server3 will not directly address the issue of users in Site 3 being unable to access the Internet if the VPN connection between Site 1 and Site 3 fails. While DNS resolution is important for accessing websites, it is not the primary concern in this scenario.
3. C. Modify the 003 Router option in the DHCP scope on Server3.
  Explanation
  Modifying the 003 Router option in the DHCP scope on Server3 will not help users in Site 3 access the Internet if the VPN connection between Site 1 and Site 3 fails. This option specifies the default gateway for clients, which is important for routing traffic within the local network, but it does not address the external Internet access issue.
4. D. Modify the 006 DNS Servers option in the DHCP scope on Server3.
  Explanation
  Modifying the 006 DNS Servers option in the DHCP scope on Server3 will not directly solve the problem of users in Site 3 being unable to access the Internet if the VPN connection between Site 1 and Site 3 fails. While DNS server information is crucial for resolving domain names to IP addresses, it does not provide a solution for Internet access in the absence of the VPN connection.
Correct!

Wrong!

Overall explanation

Correct Answer: D
23 Users report that it takes a long time to access resources by using DirectAccess. You need to provide the network administrator with a network capture of DirectAccess traffic. Which tool should you use?
1. A. Netsh.exe
  Explanation
  Netsh.exe is the correct tool to use for capturing DirectAccess traffic. It is a command-line utility that allows you to configure network interfaces, protocols, and filters, as well as capture network traffic. Using Netsh.exe, you can capture and analyze DirectAccess traffic to identify any issues causing delays in resource access.
2. B. Netstat.exe
  Explanation
  Netstat.exe is not the appropriate tool for capturing DirectAccess traffic. Netstat is used to display active network connections, routing tables, and network interface statistics. It does not have the capability to capture and analyze network traffic like Netsh.exe does.
3. C. Perfmon.exe
  Explanation
  Perfmon.exe, also known as Performance Monitor, is used to monitor system performance and gather performance data. While it can provide valuable insights into system performance metrics, it is not designed for capturing network traffic like Netsh.exe. Using Perfmon.exe for this purpose would not be effective in diagnosing DirectAccess issues.
4. D. Winsat.exe
  Explanation
  Winsat.exe, the Windows System Assessment Tool, is used to assess and benchmark system performance. It is not intended for capturing network traffic or analyzing network issues like delays in DirectAccess resource access. Using Winsat.exe would not help in providing the network administrator with a network capture of DirectAccess traffic.
Correct!

Wrong!

Overall explanation

Correct Answer: A
24 Your users access a third-party Web site to fulfill purchase orders. The Web site is updated. Users receive the following error message when they access the updated Web site: "Internet Explorer has blocked this site from using an ActiveX control in an unsafe manner. As a result, this page may not display correctly." You need to ensure that users can access the Web site and that the Web site content is displayed correctly. What should you do?
1. A. Modify the Internet Explorer AJAX settings.
  Explanation
  Modifying the Internet Explorer AJAX settings can help resolve the issue with ActiveX controls being blocked in an unsafe manner. By adjusting these settings, you can allow the Web site to use ActiveX controls in a safe manner, ensuring that the content is displayed correctly for users.
2. B. Modify the Internet Explorer Internet zone settings.
  Explanation
  Modifying the Internet Explorer Internet zone settings may not directly address the issue with ActiveX controls being blocked in an unsafe manner. While adjusting these settings can impact how Internet Explorer interacts with websites, it may not specifically resolve the error message related to ActiveX controls on the updated Web site.
3. C. Add the Web site to the Internet Explorer Restricted Sites zone.
  Explanation
  Adding the Web site to the Internet Explorer Restricted Sites zone is not recommended in this scenario. Placing the site in the Restricted Sites zone can further restrict the functionality and content that users can access, potentially exacerbating the issue with ActiveX controls being blocked and causing the page to not display correctly.
4. D. Add the Web site to the Internet Explorer Compatibility View List.
  Explanation
  Adding the Web site to the Internet Explorer Compatibility View List may not address the specific error message related to ActiveX controls being blocked in an unsafe manner. The Compatibility View List is typically used to address compatibility issues with older websites, rather than resolving issues with ActiveX controls on updated websites.
Correct!

Wrong!

Overall explanation

Correct Answer: B
25 The company hires a new desktop support technician. The technician is added to the Administrators group on all client computers and the DHCP Users group on all DHCP servers. The new technician reports that the DHCP snap-in is unavailable on his computer. You need to ensure that the technician can view the configurations of the DHCP servers. What should you do?
1. A. Instruct the technician to customize the Start menu to display the administrative tools.
  Explanation
  Customizing the Start menu to display administrative tools will allow the technician to access the DHCP snap-in and view the configurations of the DHCP servers. This option does not require additional permissions or installations.
2. B. Instruct the technician to install Remote Server Administration Tools (RSAT) and to modify the Windows Features.
  Explanation
  Installing Remote Server Administration Tools (RSAT) and modifying the Windows Features will provide the technician with the necessary tools and features to access the DHCP snap-in and view the configurations of the DHCP servers. This option ensures that the technician has the required tools for the task.
3. C. Request that the technician be added to the Server Operators group in Active Directory.
  Explanation
  Adding the technician to the Server Operators group in Active Directory is not directly related to accessing the DHCP snap-in or viewing DHCP server configurations. This group is typically responsible for managing servers, not DHCP configurations.
4. D. Request that the technician be added to the Network Configuration Operators group in Active Directory and modify the Windows Features.
  Explanation
  Adding the technician to the Network Configuration Operators group in Active Directory and modifying Windows Features may not directly address the issue of accessing the DHCP snap-in. This group is more focused on network configuration tasks rather than DHCP server management.
Correct!

Wrong!

Overall explanation

Correct Answer: B
26 Users in the branch office report slow network performance when they connect to the file shares in the main office. You need to recommend a solution to improve performance when users access the file shares from the branch office. The solution must minimize hardware costs. What should you recommend implementing?
1. A. BranchCache
  Explanation
  BranchCache is the correct choice for improving network performance when accessing file shares from a branch office. It allows clients in the branch office to cache content from file shares in the main office, reducing the need to repeatedly transfer the same data over the network. This solution helps minimize hardware costs by optimizing network utilization and reducing the need for additional infrastructure.
2. B. DirectAccess
  Explanation
  DirectAccess is not the best solution for improving network performance when accessing file shares from a branch office. While DirectAccess provides secure remote access to internal network resources, it does not specifically address the slow network performance experienced by users accessing file shares. It may require additional hardware and configuration, which could increase costs.
3. C. Distributed File System Replication (DFSR)
  Explanation
  Distributed File System Replication (DFSR) is not the most suitable solution for improving network performance when accessing file shares from a branch office. DFSR is used for replicating files between servers to ensure data availability and redundancy, but it does not directly address the performance issues related to accessing file shares over a slow network connection. Implementing DFSR may require additional hardware and infrastructure, which could increase costs.
4. D. Universal Group Membership Caching
  Explanation
  Universal Group Membership Caching is not the recommended solution for improving network performance when accessing file shares from a branch office. While Universal Group Membership Caching helps reduce the time it takes to log in and access resources by caching group membership information, it does not specifically address the slow network performance experienced when accessing file shares. This solution may not effectively minimize hardware costs in this scenario.
Correct!

Wrong!

Overall explanation

Correct Answer: A
27 The help desk reports that several users use the previous version of App1, which causes some data to become corrupt. You need to recommend a solution to prevent all users from using the previous version of App1. What should you recommend?
1. A. that a domain administrator create a GPO linked to the domain and configure AppLocker settings in the GPO
  Explanation
  A domain administrator can create a Group Policy Object (GPO) linked to the domain and configure AppLocker settings in the GPO. By using AppLocker, the administrator can control which applications are allowed to run on the client computers, effectively preventing users from using the previous version of App1.
2. B. that a domain administrator create a GPO linked to the domain and configure Software Installation settings in the GPO
  Explanation
  Configuring Software Installation settings in a GPO linked to the domain may allow the domain administrator to deploy the new version of App1 to all client computers. However, this does not specifically prevent users from using the previous version of App1, as they may still have access to it.
3. C. that the new version of App1 be added to the Data Execution Prevention (DEP) settings on each client computer
  Explanation
  Adding the new version of App1 to the Data Execution Prevention (DEP) settings on each client computer may help protect against certain types of attacks, but it does not prevent users from using the previous version of App1. DEP settings are more focused on preventing code execution from non-executable memory region
4. D. that the previous version of App1 be added to the Data Execution Prevention (DEP) settings on each client computer
  Explanation
  Adding the previous version of App1 to the Data Execution Prevention (DEP) settings on each client computer may not be an effective solution to prevent users from using the previous version. DEP settings are designed to protect against specific types of attacks and may not address the issue of users accessing and running the previous version of the application.
Correct!

Wrong!

Overall explanation

Correct Answer: A
28 Portable computer users report that they can use Internet Explorer to browse Internet Web sites only when they are connected to the company network. You need to ensure that portable computer users can access Internet Web sites from wherever they connect. What should you do?
1. A. Instruct the users to configure static IPv4 settings.
  Explanation
  Configuring static IPv4 settings would not address the issue of portable computer users being unable to access Internet Web sites from wherever they connect. Static settings would only work for a specific network configuration and may not be applicable when users switch networks.
2. B. Instruct the users to configure automatic IPv4 settings.
  Explanation
  Configuring automatic IPv4 settings may help with network connectivity, but it would not specifically address the issue of portable computer users being unable to access Internet Web sites from wherever they connect. This setting alone would not solve the problem.
3. C. Request that a domain administrator link GPO-IE to Active Directory site objects.
  Explanation
  Linking GPO-IE to Active Directory site objects would allow the Group Policy Object to be applied based on the location of the users, ensuring that the correct Internet Explorer settings are applied regardless of the network they are connected to. This would help portable computer users access Internet Web sites from wherever they connect.
4. D. Request that a domain administrator create a new GPO that modifies the Internet Explorer Maintenance settings, and then link the new GPO to the Users OUs.
  Explanation
  Modifying Internet Explorer Maintenance settings through a new GPO linked to the Users OUs may not address the issue of portable computer users being unable to access Internet Web sites from wherever they connect. This approach focuses on user-specific settings rather than network-specific settings.
Correct!

Wrong!

Overall explanation

Correct Answer: C
29 A new print device is installed on Floor 1 and shared on Print1. Users report that when they search Active Directory for printers on Floor 1, the new shared printer is missing. All other shared printers on Floor 1 appear. The help desk reports that users can manually connect to the shared printer. You need to ensure that the new shared printer is displayed when users search for printers on Floor 1. What should you do?
1. A. Modify the permissions of the printer.
  Explanation
  Modifying the permissions of the printer can ensure that the new shared printer is visible to users when they search for printers on Floor 1. By adjusting the permissions, you can grant the necessary access for users to see and connect to the printer.
2. B. Configure a network location for the printer.
  Explanation
  Configuring a network location for the printer may not directly address the issue of the new shared printer not appearing when users search for printers on Floor 1. While network location settings can be helpful for accessing printers, it may not resolve the specific visibility issue in Active Directory.
3. C. Request that a domain administrator modify the Active Directory site configuration.
  Explanation
  Requesting a domain administrator to modify the Active Directory site configuration may not be the most appropriate solution for ensuring the new shared printer is displayed when users search for printers on Floor 1. Site configuration changes may impact broader network settings and may not directly address the printer visibility issue.
4. D. Request that a domain administrator modify the GPO that is linked to each departmental OU.
  Explanation
  Requesting a domain administrator to modify the GPO linked to each departmental OU may not directly resolve the issue of the new shared printer not appearing when users search for printers on Floor 1. GPO settings typically control group policy configurations and may not specifically address printer visibility in Active Directory search results.
Correct!

Wrong!

Overall explanation

Correct Answer: B
30 The sales users that were part of the VPN server pilot project report that they can no longer establish VPN connections to the internal network. You need to ensure that all authorized users can establish VPN connections to the internal network. What should you request a domain administrator to do?
1. A. Enable auto-renewal for certificates.
  Explanation
  Enabling auto-renewal for certificates ensures that the certificates used for VPN connections are automatically renewed before they expire. This can prevent issues with expired certificates causing connection failures for users in the VPN server pilot project.
2. B. Increase the lifetime of the Kerberos user ticket.
  Explanation
  Increasing the lifetime of the Kerberos user ticket is not directly related to resolving the issue of sales users being unable to establish VPN connections. Kerberos user tickets are used for authentication within the domain, not for VPN connections.
3. C. Increase the lifetime of the Kerberos service ticket.
  Explanation
  Increasing the lifetime of the Kerberos service ticket is also not directly related to resolving the VPN connection issue. Kerberos service tickets are used for authenticating services, not for establishing VPN connections to the internal network.
4. D. Increase the certification validity period for the computer certificate template.
  Explanation
  Increasing the certification validity period for the computer certificate template may help in ensuring that the computer certificates used for VPN connections do not expire prematurely. This can be a valid step to take to address the VPN connection issue reported by the sales users.
Correct!

Wrong!

Overall explanation

Correct Answer: A
31 The application support team reports that the App1 data of some users is not saved to AppServer1. The team reports that the users deleted the mapped drive. You need to prevent the users from deleting the mapped drive. Which settings should you request be modified in the APP1Deploy GPO?
1. A. Administrative Templates
  Explanation
  Modifying the Administrative Templates in the APP1Deploy GPO allows you to configure various settings related to user and computer configurations, including preventing users from deleting mapped drives. By setting specific policies related to drive mappings, you can ensure that the mapped drive for App1 is not deleted by the users.
2. B. AppLocker
  Explanation
  AppLocker is a feature that allows you to control which applications and files users can run on their computers. It is not directly related to preventing users from deleting mapped drives, so modifying AppLocker settings in the APP1Deploy GPO would not address the issue of users deleting the mapped drive for App1.
3. C. Group Policy Preferences
  Explanation
  Group Policy Preferences allow you to deploy and manage settings for users and computers in a domain environment. While it offers flexibility in configuring settings, preventing users from deleting mapped drives is typically done through Administrative Templates settings rather than Group Policy Preferences.
4. D. Software Restriction Policies
  Explanation
  Software Restriction Policies are used to control which applications are allowed to run on a computer. While they can help restrict unauthorized software, they do not directly address the issue of preventing users from deleting mapped drives. Modifying Software Restriction Policies in the APP1Deploy GPO would not prevent users from deleting the mapped drive for App1.
Correct!

Wrong!

Overall explanation

Correct Answer: C
32 Users in branch office 2 map drives to shared folders on SRV1. The users report that they cannot access files in the shared folders when the WAN link between branch office 2 and the main office is unavailable. When they attempt to access the files, they are prompted to enter their credentials but are denied access. You need to ensure that the users can access the shared folders if the WAN link fails. What should you do?
1. A. Instruct a desktop support technician to configure Offline Files on the Windows 7 computers.
  Explanation
  Configuring Offline Files on the Windows 7 computers will allow users to access files stored in shared folders even when the WAN link is unavailable. However, this solution may not address the issue of denied access when prompted for credentials.
2. B. Instruct a desktop support technician to configure BranchCache on the Windows 7 computers.
  Explanation
  Configuring BranchCache on the Windows 7 computers will allow users to cache content from shared folders locally, enabling them to access files even when the WAN link is down. This solution ensures that users can access the shared folders without being denied access.
3. C. Request that a domain administrator deploy a domain controller in branch office 2.
  Explanation
  Deploying a domain controller in branch office 2 may improve authentication and access to resources within the branch office network. However, this solution may not directly address the issue of accessing shared folders when the WAN link is unavailable.
4. D. Request that a domain administrator enable Universal Group Membership Caching for branch office 2.
  Explanation
  Enabling Universal Group Membership Caching for branch office 2 can help improve authentication performance by caching user group membership information locally. While this may enhance authentication processes, it may not directly resolve the issue of accessing shared folders when the WAN link is down.
Correct!

Wrong!

Overall explanation

Correct Answer: B
33 The help desk reports that the new computers experience intermittent failures that generate stop errors. You need to collect all the critical errors from the new computers. What should you configure?
1. A. a boot configuration data (BCD) store
  Explanation
  Configuring a boot configuration data (BCD) store is essential for collecting critical errors from new computers that experience intermittent failures and generate stop errors. The BCD store contains boot configuration parameters and controls how the operating system is started. By configuring the BCD store, you can capture and analyze critical errors that occur during the boot process.
2. B. debugging information
  Explanation
  Configuring debugging information may be useful for troubleshooting and diagnosing specific software or hardware-related issues, but it may not be the most effective solution for collecting all critical errors from new computers experiencing intermittent failures. Debugging information is more focused on identifying and resolving specific issues rather than capturing all critical errors.
3. C. event subscriptions
  Explanation
  Event subscriptions allow you to collect and forward events from remote computers to a central event log. While event subscriptions can be useful for monitoring and managing events across multiple computers, they may not be the most appropriate solution for specifically targeting critical errors from new computers experiencing intermittent failures.
4. D. the system protection settings
  Explanation
  Configuring the system protection settings is primarily related to creating restore points and backing up system files, rather than collecting critical errors from new computers experiencing intermittent failures. While system protection settings are important for system recovery and data protection, they are not directly related to capturing and analyzing critical errors for troubleshooting purposes.
Correct!

Wrong!

Overall explanation

Correct Answer: C
34 VPN users report that they cannot access shared resources in the branch offices. They can access shared resources in the main office. Users in the main office report that they can access shared resources in the branch offices. You need to ensure that the VPN users can access shared resources in the branch offices. What should you request?
1. A. that a change be made to the routing table on VPN1
  Explanation
  Requesting a change to be made to the routing table on VPN1 is the correct choice because the issue seems to be related to routing problems. By updating the routing table on VPN1 to include the necessary routes to the branch office shared resources, VPN users should be able to access them successfully.
2. B. that VPN1 be configured to support PPTP-based VPN connections
  Explanation
  Configuring VPN1 to support PPTP-based VPN connections is not the correct choice in this scenario. The issue is not related to the type of VPN connection being used, but rather to routing problems preventing VPN users from accessing shared resources in the branch offices.
3. C. that the routers between the main office and the branch offices be reconfigured
  Explanation
  Requesting the routers between the main office and the branch offices to be reconfigured is not the correct choice in this scenario. The issue seems to be specific to VPN users not being able to access shared resources in the branch offices, so reconfiguring the routers may not address the root cause of the problem.
4. D. that a DNS record for servers in the branch offices be added to the Internet DNS zone for fourthcoffee.com
  Explanation
  Requesting a DNS record for servers in the branch offices to be added to the Internet DNS zone for fourthcoffee.com is not the correct choice in this scenario. The issue is related to VPN users not being able to access shared resources in the branch offices, which is more likely a routing issue rather than a DNS problem.
Correct!

Wrong!

Overall explanation

Correct Answer: A
35 You deploy App1 on a test Windows 7 computer and notice that it fails to run. You need to ensure that App1 runs on Windows 7 computers. What should you do?
1. A. Digitally sign App1.
  Explanation
  Digitally signing App1 will ensure that the application is trusted by Windows 7 computers. This can help prevent security warnings or errors that may prevent the application from running successfully.
2. B. Develop and deploy a shim for App1.
  Explanation
  Developing and deploying a shim for App1 is not the most appropriate solution for ensuring that the application runs on Windows 7 computers. Shims are typically used to address compatibility issues with older applications on newer operating systems, not the other way around.
3. C. Configure an AppLocker policy.
  Explanation
  Configuring an AppLocker policy may restrict the execution of certain applications based on rules defined in the policy. While this can be a security measure, it may not directly address the issue of ensuring that App1 runs on Windows 7 comput
4. D. Configure a Software Restriction Policy.
  Explanation
  Configuring a Software Restriction Policy can help control which applications are allowed to run on a Windows 7 computer. However, it may not specifically address the issue with App1 failing to run. It is more focused on security and access control rather than application compatibility.
Correct!

Wrong!

Overall explanation

Correct Answer: B
36 An administrator modifies the external IP address of Web1 and creates a Hosts (A) record for website1.wingtiptoys.com on the external DNS servers. Your users report that they can no longer connect to website1.wingtiptoys.com from the Internet. You need to ensure that users can connect to website1.wingtiptoys.com from the Internet. What should you do?
1. A. Instruct the users to modify the DNS client settings on their computers.
  Explanation
  Modifying the DNS client settings on users' computers will not resolve the issue of users not being able to connect to website1.wingtiptoys.com from the Internet. The problem lies with the Hosts (A) record on the external DNS servers, not the DNS client settings on individual computers.
2. B. Instruct the users to remove an entry from the Hosts file that is located on their computers.
  Explanation
  Users need to remove any entry related to website1.wingtiptoys.com from the Hosts file on their computers. The Hosts file can override DNS resolution, so removing any conflicting entries will allow users to connect to the correct IP address for website1.wingtiptoys.com from the Internet.
3. C. Request that an administrator create a Pointer (PTR) resource record for the new IP address of Web1.
  Explanation
  Creating a Pointer (PTR) resource record for the new IP address of Web1 is not relevant to resolving the issue of users not being able to connect to website1.wingtiptoys.com from the Internet. PTR records are used for reverse DNS lookups and do not impact users' ability to access a website.
4. D. Request that an administrator create an alias (CNAME) resource record for website1.wingtiptoys.com.
  Explanation
  Creating an alias (CNAME) resource record for website1.wingtiptoys.com is not the correct solution to ensure users can connect to the website from the Internet. The issue is related to the Hosts (A) record for the website on the external DNS servers, not the need for a CNAME record.
Correct!

Wrong!

Overall explanation

Correct Answer: B
37 A group of users from office 2 travels to office 1 to work on a project. The users from office 2 report that they are unable to connect to the wireless network in office 1 from their portable computers. A help desk administrator manually provides the users with access to the wireless network. You need to ensure that the next time users from office 2 travel to office 1 they can connect to the wireless network in office 1. What should you request?
1. A. Link GPO1 to Office2-Users-OU.
  Explanation
  Linking GPO1 to the Office2-Users-OU will ensure that the users from office 2 have the necessary wireless network settings applied to their user accounts. This will allow them to connect to the wireless network in office 1 the next time they travel there.
2. B. Link GPO1 to Office2-Computers-OU.
  Explanation
  Linking GPO1 to the Office2-Computers-OU will apply the wireless network settings to the computer accounts in office 2. However, since the issue is with the users' portable computers, linking the GPO to the users' OU would be more appropriate to ensure they can connect to the wireless network in office 1.
3. C. Change the office attribute for the user accounts.
  Explanation
  Changing the office attribute for the user accounts may help in identifying the users from office 2, but it will not directly address the issue of connecting to the wireless network in office 1. The wireless network settings need to be applied through Group Policy to ensure connectivity.
4. D. Change the location attribute for the computer accounts.
  Explanation
  Changing the location attribute for the computer accounts may help in identifying the computers from office 2, but it will not directly address the issue of connecting to the wireless network in office 1. The wireless network settings need to be applied through Group Policy to ensure connectivity for the users' portable computers.
Correct!

Wrong!

Overall explanation

Correct Answer: B
38 The help desk reports that they receive many calls from remote users who cannot access Internet Web sites while they are connected to the VPN. The help desk instructs the users to manually configure the VPN connection so that the users can access Internet Web sites while connected to the VPN. You need to provide a recommendation to reduce the number of calls to the help desk regarding this issue. What should you recommend?
1. A. Deploy a Network Policy Server (NPS).
  Explanation
  Deploying a Network Policy Server (NPS) may help with authentication and authorization for VPN connections, but it will not directly address the issue of remote users not being able to access Internet Web sites while connected to the VPN. This recommendation may not reduce the number of calls to the help desk regarding this specific issue.
2. B. Replace the SSTP-based VPN with a PPTP-based VPN.
  Explanation
  Replacing the SSTP-based VPN with a PPTP-based VPN may change the VPN protocol used, but it is unlikely to solve the problem of remote users not being able to access Internet Web sites while connected to the VPN. This change may introduce security risks as PPTP is considered less secure than SSTP.
3. C. Issue computer certificates from a trusted root certification authority (CA) to all remote users.
  Explanation
  Issuing computer certificates from a trusted root certification authority (CA) to all remote users may enhance security for VPN connections, but it will not directly address the issue of remote users not being able to access Internet Web sites while connected to the VPN. This recommendation may not reduce the number of calls to the help desk regarding this specific issue.
4. D. Create and distribute Connection Manager Administration Kit (CMAK) profiles to all remote users.
  Explanation
  Creating and distributing Connection Manager Administration Kit (CMAK) profiles to all remote users can help streamline the VPN connection process and ensure that the necessary settings are configured correctly. By providing users with pre-configured profiles, they are less likely to encounter issues accessing Internet Web sites while connected to the VPN, ultimately reducing the number of calls to the help desk regarding this specific issue.
Correct!

Wrong!

Overall explanation

Correct Answer: D
39 A user's computer fails. The help desk provides the user with a new computer. The user's Documents folder is restored from the backup. The user reports that he can no longer access his encrypted files. The help desk recovers the files by using a data recovery agent (DRA). You need to ensure that when users receive new computers, they can access their encrypted files without administrative intervention. What should you request?
1. A. credential roaming be enabled
  Explanation
  Enabling credential roaming allows users to access their encrypted files without administrative intervention when they receive new computers. This ensures that the necessary credentials for accessing encrypted files are available to users on any device they use.
2. B. BitLocker be enabled on all computers
  Explanation
  Enabling BitLocker on all computers would provide encryption for the entire system drive, but it does not specifically address the issue of users accessing their encrypted files without administrative intervention when receiving new computers.
3. C. user accounts be trusted for delegation
  Explanation
  Trusting user accounts for delegation is related to allowing a service to impersonate a user to access resources on their behalf, but it is not directly related to ensuring users can access their encrypted files without administrative intervention when receiving new computers.
4. D. the CA be configured for key archival and recovery
  Explanation
  Configuring the CA for key archival and recovery is important for recovering encrypted files in case of data loss, but it does not address the specific requirement of allowing users to access their encrypted files without administrative intervention when receiving new computers.
Correct!

Wrong!

Overall explanation

Correct Answer: A
40 Several users in the sales department report that their user accounts are locked out shortly after they change their user passwords. You need to minimize the number of account lockouts that occur after the users change their passwords. What should you instruct the users to do?
1. A. Delete all entries from the Credential Manager vault.
  Explanation
  Deleting all entries from the Credential Manager vault can help resolve any cached credentials that may be causing the account lockouts. By clearing out the stored credentials, users can ensure that only the most up-to-date password is being used for authentication, reducing the likelihood of lockouts after password changes.
2. B. Change their passwords and then create a password reset disk.
  Explanation
  Creating a password reset disk is not directly related to minimizing account lockouts after password changes. While it can be a helpful tool for password recovery, it does not address the specific issue of users experiencing lockouts shortly after changing their passwords.
3. C. Change their passwords and then configure App2 to log on by using a service account.
  Explanation
  Configuring App2 to log on by using a service account is not a recommended solution for minimizing account lockouts after password changes. This action does not address the root cause of the lockouts and may introduce additional complexities in the authentication process.
4. D. Change their passwords and then log off and log back on to their computers.
  Explanation
  Simply logging off and logging back on to their computers after changing passwords may not be sufficient to prevent account lockouts. This action does not address any underlying issues that may be causing the lockouts, such as cached credentials or incorrect password synchronization.
Correct!

Wrong!

Overall explanation

Correct Answer: C

Top 50 Digital Marketing Interview Questions and Answers for 2025...

Key Areas Covered

Target Audience

Learning Outcomes

Prerequisites

Intended Audience

1 The chief financial officer (CFO) releases new guidelines that specify that only users from finance are allowed to run FinanceApp1. Users in the Marketing OU report that they can run FinanceApp1. You need to ensure that only users in the Finance OU can run FinanceApp1. What should you do?

Overall Explanation

2 Users in the ERPApp1 pilot project report intermittent application issues. You need to consolidate all application events for the users in a central location. What should you do?

Overall Explanation

3 The help desk reports that users in the Marketing OU print draft documents, e-mails, and other miscellaneous documents on Printer2. You need to recommend a solution so that marketing users print documents to Printer1 by default. What should you do?

Overall explanation

Overall explanation

5 The company purchases 500 USB flash drives from a new hardware vendor and distributes them to the users. The help desk reports that the users are unable to access the new USB flash drives. You need to ensure that users can save data on the USB flash drives. What should you do?

Overall Explanation

Overall explanation

Overall explanation

Overall explanation

Overall explanation

Overall explanation

11 Users in the research department report that they cannot run App1 or Windows XP Mode. You need to ensure that all research department users can run App1. You need to achieve this goal by using the minimum amount of administrative effort. What should you do?

Overall explanation

Overall explanation

13 The motherboard on a portable computer fails. The data on the computer's hard disk drive cannot be recovered. You need to recommend a solution to ensure that the data on hard disks can be recovered if the motherboard on other portable computers fail Which two configurations should you recommend?

Overall explanation

14 The help desk reports that several client computers in branch office 1 are missing security updates. You need to identify which security updates are missing. What should you request?

Overall explanation

15 The company hires an additional 100 users. The users are unable to install the custom application. You need to ensure that the users can install the custom application. What should you do?

Overall explanation

Overall explanation

Overall explanation

Overall explanation

Overall explanation

Overall explanation

21 Remote users report that after they renew their smart card certificates, they are unable to log on to their computers by using their smart cards. You need to ensure that users can log on by using their smart cards. What should you instruct the users to do?

Overall explanation

Overall explanation

23 Users report that it takes a long time to access resources by using DirectAccess. You need to provide the network administrator with a network capture of DirectAccess traffic. Which tool should you use?

Overall explanation

Overall explanation

Overall explanation

Overall explanation

27 The help desk reports that several users use the previous version of App1, which causes some data to become corrupt. You need to recommend a solution to prevent all users from using the previous version of App1. What should you recommend?

Overall explanation

28 Portable computer users report that they can use Internet Explorer to browse Internet Web sites only when they are connected to the company network. You need to ensure that portable computer users can access Internet Web sites from wherever they connect. What should you do?

Overall explanation

Overall explanation

Overall explanation

31 The application support team reports that the App1 data of some users is not saved to AppServer1. The team reports that the users deleted the mapped drive. You need to prevent the users from deleting the mapped drive. Which settings should you request be modified in the APP1Deploy GPO?

Overall explanation

Overall explanation

33 The help desk reports that the new computers experience intermittent failures that generate stop errors. You need to collect all the critical errors from the new computers. What should you configure?

Overall explanation

Overall explanation

35 You deploy App1 on a test Windows 7 computer and notice that it fails to run. You need to ensure that App1 runs on Windows 7 computers. What should you do?

Overall explanation

Overall explanation

Overall explanation

Overall explanation

Overall explanation

40 Several users in the sales department report that their user accounts are locked out shortly after they change their user passwords. You need to minimize the number of account lockouts that occur after the users change their passwords. What should you instruct the users to do?

Overall explanation

Top 50 Digital Marketing Interview Questions and Answers for 2025 - Part I

Excellent

Good

Need Improvement

Like it? Share with your friends!

What's Your Reaction?