Windows 7 Preset Exam A

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

You are the administrator for the Verigon Corporation's Active Directory domain. The network contains several subnets. A portion of your network is shown in the Network exhibit. (Click the Exhibit(s) button.) The router forwards BOOTP packets. Julie, a client on your network, is having trouble accessing resources on ServerA. No other computer on the network is having this trouble. You run the ipconfig /all utility on Julie's computer and receive the results shown in the IPConfig exhibit. (Click the Exhibit(s) button.) What change should you make on Julie's computer to fix her problem? (Choose all that apply.)

Change the subnet mask to 255.224.0.0. Explanation: You should change the subnet mask on Julie's computer to 255.224.0.0. This scenario has several subnets. The subnet mask 255.192.0.0 would provide four valid subnets, numbered 10.0.0.0, 10.64.0.0, 10.128.0.0 and 10.192.0.0. The network diagram shows the network addresses being 10.32.0.0, 10.64.0.0 and 10.96.0.0. For this to work, the subnet mask must include at least three bits masked. The number 224 is 11100000 in binary. The correct subnet mask for the network configuration shown is 255.224.0.0. This subnet mask will allow up to eight subnets, so that there is room for growth on the network. The valid subnet addresses with a mask of 255.224.0.0 would be 10.0.0.0, 10.32.0.0, 10.64.0.0, 10.96.0.0, 10.128.0.0, 10.160.0.0.0, 10.192.0.0, and 10.224.0.0. The proper default gateway is the router's IP address that is located on the same subnet as the client computer. The DNS Server settings on Julie's computer are correct. Julie's default gateway of 10.96.0.1 is correct. The only thing you must change is the subnet mask. Julie's subnet mask is set to 255.192.0.0. Any station that has an IP address of 10.64.0.1 to 10.95.255.255 is considered to be on the same subnet when the subnet mask of 255.192.0.0 is configured on the station. When Julie's computer with the IP address of 10.96.0.3 attempts to connect with Server A with an IP address of 10.64.0.2, Julie's computer will not send the request to her default gateway because Julie's computer believes Server A is on the same physical subnet. A computer checks the IP address of the destination computer against its own subnet mask. If the computer determines that the destination computer is on a remote subnet, then the computer will forward the request to the computer's default gateway. The default gateway will then route the request to the proper subnet. If the computer determines that the destination computer is on the local subnet, then the computer will not forward the request to the default gateway and the computer will attempt to connect to the destination computer directly. In this scenario, Server A is on a physically different subnet. To reach Server A, Julie's computer must forward the request to her default gateway of 10.96.0.1. The subnet mask of Julies computer must be changed to 255.224.0.0. Using a subnet mask of 255.224.0.0 and a 10.0.0.0 address, there are valid host ranges that may be located on each subnet. The first subnet can contain addresses in the range of 10.0.0.1 to 10.31.255.254. The second subnet can contain addresses in the range of 10.32.0.1 through 10.63.255.254. The third subnet can contain addresses in the range of 10.64.0.1 through 10.95.255.254. The fourth subnet can contain addresses in the range of 10.96.0.1 through 10.127.255.254. The fifth subnet can contain addresses in the range of 10.128.0.1 through 10.159.255.254. The sixth subnet can contain addresses in the range of 10.160.0.1 through 10.191.255.254. The seventh subnet can contain addresses in the range of 10.192.0.1 through 10.223.255.254. The final range is 10.224.0.1 through 10.255.255.254. To prevent problems like the one in the scenario from occurring, Microsoft recommends using a Dynamic Host Configuration Protocol (DHCP) server. The DHCP server would be responsible for handing out all IP addresses and subnet masks to client computers. You can configure the DHCP server to hand out other settings if needed, such as the DNS server. All other answers are incorrect. A subnet mask of 255.128.0.0 will creates subnets of 10.0.0.0 and 10.128.0.0. With a subnet mask of 255.128.0.0, Julie's computer will think Server A is on the same physical subnet. You should not configure Julie's computer with a default gateway of 10.64.0.1 or 10.32.0.1. The default gateway should be on the same physical subnet as Julie's computer. Objective: Configuring Network Connectivity Sub-Objective: Configure IPv4 network settings References: TechNet > TechNet Library > Windows > Windows Server > Windows Server 2008 and Windows Server 2008 R2 (Release Candidate) > Browse Windows Server Technologies > Networking > TCP/IP > TCP/IP (v4 and v6) Technical Reference > IP Version 4 (IPv4) > How IPv4 Works (TechRef) TechNet > TechNet Library > Windows > Windows Server > Windows Server 2003 > Product Help > Windows Server 2003 Product Help > Network Services > Managing Core Network Services > TCP/IP Core Networking Services > TCP/IP Concepts > Using TCP/IP > TCP/IP configuration items: TCP/IP TechNet > TechNet Library > Windows > Windows Server > Windows Server 2003 > Product Help > Windows Server 2003 Product Help > Network Services > Managing Core Network Services > TCP/IP Core Networking Services > TCP/IP Concepts > Using TCP/IP > TCP/IP configuration items: TCP/IP > IP Addressing

You work for a company that operates training facilities across the Southwest. All the computers in the training room are the same. You create a reference computer that has Windows 7, Microsoft Office 2007, and all necessary applications installed. You test the reference computer to ensure all applications and drivers work. You run the following command on the reference computer: sysprep /oobe /generalize What should you do next to create an image to distribute to the training facilities?

imagex /capture imagex /capture Explanation: You should use the imagex command with the /capture switch to create an image of the reference computer for distribution. You could capture the image to a shared folder on a server. In the following example, an image named MyImage.wim is stored on the Z: drive that is mapped to a server on the network: imagex /capture c: z:\MyImage.wim "Windows 7 image for training" The next thing you should do is copy the image from the network share to the client machine's local hard drive to continue the deployment procedure for the image of the master installation onto the client machine. In this example, you should type the following commands from the Windows PE command prompt and provide network credentials for appropriate network access: net use <drive letter>: \\Server1\Images copy <drive letter>:\Myimage.wim C: The net use command will connect the computer to the shared resource location where you have stored the image of the master installation, such as \\Server1\Images. The Copy command will copy the image of the master installation stored on network location to the local hard drive. In this example, Myimage.wim is the image file that is stored on the shared network location. You should not use the imagex /apply command immediately after performing Sysprep. You cannot apply the custom image to the hard drive of the client machine using ImageX without first copying the image of the master installation from the shared network location to the client machine's local hard drive. Only after doing so can you continue deploying the image of the master installation on the client. For example, you can apply the custom image stored as the Myimage.wim file to the local hard drive of the client machine using ImageX after copying the image using the following command from the Windows PE command prompt: \Imagex.exe /apply C:\Myimage.wim C: You should not run sysprep /audit or sysprep /quiet. You have already performed Sysprep with the /generalize switch to reset all Security IDs. You have also used the /oobe switch to ensure that the image will boot into Windows Welcome mode and run the mini-setup wizard when the image is applied to a new computer. There is no need to use the /audit switch to force the reference computer in audit mode. All the applications and drivers have been tested on the computer. The Sysprep command has the following switches: •/audit - Forces audit mode, which allows you to add drivers or applications. You can use this mode to test an installation before sending the image to a customer. •/oobe - Forces Windows Welcome Mode for Out-of-the-box experience (OOBE). The mini-setup wizard allows the user to create user accounts and name the computer. •/generalize - Prepares the reference computer to be imaged. Removes unique system information, resets Security IDs (SIDs), clears event logs, and deletes system restore points. •/shutdown - Shuts operating system down after Sysprep finishes. •/quiet - Suppresses on-screen confirmation messages when running Sysprep. •/reboot - Reboots the computer. Use this option to audit the computer if the reference computer behaves properly. •/unattend:answerfile - Use to specify an answer file to automate a Windows installation. Objective: Deploying Windows 7 Sub-Objective: Prepare a system image for deployment References: TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Deployment > Windows Automated Installation Kit for Windows 7 RC > Deployment Tools Technical Reference > Sysprep Technical Reference > How Sysprep Works TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Deployment > Windows Automated Installation Kit for Windows 7 RC > Deployment Tools Technical Reference > ImageX Technical Reference > ImageX Command-Line Options TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Deployment > Windows Automated Installation Kit for Windows 7 RC > Deployment Tools Technical Reference > Sysprep Technical Reference > Sysprep Command-Line Syntax

You are the administrator of the Nutex Corporation's Active Directory domain. Your users have Windows Vista and Windows 7 computers. You are investigating a problem at a user's laptop. You need to find the following information: •The IP address of the DHCP server that issued the laptop its addresses •The physical address of the laptop's wireless network adapter •The IPv6 address of the laptop. What should you use to find the above information?

(missing picture # 2) Check the Network Connection Details of the wireless adapter Explanation: You should check the Network Connection Details of the wireless adapter. The Network Connection Details will display the IPv4 address, the IPv6 address, the physical address of the adapter, and the IP address of the DHCP server that issued the address to the computer. You should not run netstat -r from an Administrative command prompt. Running netstat -r will display the IPv4 route table and IPv6 route table of the computer. It is possible to find the IPv6 address and the IPv4 address of the network adapter. You can also find the physical address of the network adapter, but you cannot find the IP address of the DHCP server that issued the laptop its address. All other answers are incorrect because they do not display the IPv6 address of an adapter. The nbtstat utility displays NetBios statistics. The net computer utility is used to add or delete a computer to a domain. The rpcping utility is used to ping a computer based on an IP address and display RPC statistics. Objective: Configuring Network Connectivity Sub-Objective: Configure IPv6 network settings References: TechNet > TechNet Library > Network and Messaging > Networking > Internet Protocol Version 6 (IPv6) > Using Windows Tools to Obtain IPv6 TechNet > TechNet Library > Windows > Windows Server > Windows Server 2008 and Windows Server 2008 R2 (Release Candidate) > Browse Windows Server Technologies > Networking > TCP/IP > TCP/IP (v4 and v6) Technical Reference > IP Version 6 (IPv6) > IPv6 Tools and Settings (TechRef)

You are the administrator of a company that has offices in the cities of Birmingham, Atlanta, and Charlotte. Managers in each office need specific configurations for their Windows 7 computers. Each manager has created specific images for their office. Each office has a DHCP server with an active scope with plenty of available IP addresses. You want to ensure that managers in different offices do not deploy images that are not meant for their office. What should you do?

(missing pictures 1-4) Create image groups for each office in Windows Deployment Services. Grant the managers the appropriate permissions to their respective image groups. Explanation: You should create image groups for each office in Windows Deployment Servers. You should grant permissions to each manager for the respective image group. This will allow the appropriate managers access to their own images, and not allow all other managers to use images that are not for their office. All other options are incorrect. You cannot use any of the tabs on the Properties page of Windows Deployment Services to grant managers the permissions to create images in their own OUs. The Directory Settings tab can be used to specify a client name policy for a computer and a location in Active Directory where a computer can be installed. These settings apply to computers that connect to the WDS server via PXE. The Advanced tab can be used to specify the ports that can be used to connect to the WDS server. The Advanced tab is used to specify which domain controller and global catalog server the WDS server will use. You can also specify whether a WDS server will be authorized in this tab. The Network Settings tab can be used to specify the multicast address range and the port range used by the WDS server. Objective: Deploying Windows 7 Sub-Objective: Deploy a system image References: Windows Deployment Services Configuration for Zero Touch TechNet > TechNet Library > Windows > Windows7 > Windows 7 Technical Library Roadmap > Planning and Architecture > Choosing a Deployment Strategy > Zero-Touch, High Volume Deployment Internet Information Services > Preparation Activities for WDS TechNet > TechNet Library > Deployment > Server Deployment > Information Center:Documentation > Deployment Process > Microsoft Deployment > Preparing the Windows Deployment Services Server Microsoft Help and Support > How to edit a Windows Imaging Format file on a Windows Server 2003 Service Pack 1 (SP1)-based computer that is running Windows Deployment Services Copyright © 2015 Transcender, A Kaplan Professional Company. All Rights Reserved Instructions - Advanced Print - Print Page

You have several computers to which you must deploy Windows 7 images in your office. All of the computers have network adapters. You have a DHCP server with an active scope and plenty of available IP addresses. You want to ensure that only certain new computers can receive Windows 7 images, not all computers in your network. What should you do?

(missing pictures 1-6) On the PXE Response Settings tab of the WDS server, specify Respond only to known client computers. Explanation: You should configure the WDS server to respond only to known client computers by setting the following options on the PXE Response Settings tab. This will allow you to prestage a computer by its global unique identifier (GUID). In Active Directory Users and Computers, you can pre-create the computer account name for the new computer. When you create the new computer object, you can specify the GUID as the computer's unique ID. You can also specify the specific WDS server that the image will be retrieved from. All other options are incorrect. You cannot use the Network Settings tab, the Client tab, or the Directory Services tab of WDS to specify the WDS server to respond to only known computers. The Network Settings tab can be used to specify the multicast address range and the port range used by the WDS server. You can choose to use Multicast addresses from the DHCP server or specify a range of Multicast IP addresses. The Client tab is used to specify unattended installation. The Directory Settings tab can be used to specify a client name policy for a computer and a location in Active Directory where a computer can be installed. These settings apply to computers that connect to the WDS server via PXE. Objective: Deploying Windows 7 Sub-Objective: Deploy a system image References: how can I PRESTAGE a computer for WDS ?, using Active Directory Windows Deployment Services Configuration for Zero Touch Internet Information Services > Preparation Activities for WDS TechNet > TechNet Library > Windows > Windows Server > Windows Server 2008 and Windows Server 2008 RC > Windows Server 2008 Content By Category > Installed Help > Windows Deployment Services > Managing Windows Deployment Services > Configure <Server> Properties > PXE Response Settings Tab

You work for a company that manufactures hand-held music players. You need to create a training lab with computers that run Windows 7. The computers in the lab do not currently have the same hardware. You use one of the computers to create a Windows 7 reference computer. You need prepare the reference computer for imaging. You want to make sure that training computers have customized Windows images, additional device drivers, and additional applications. You want to test the validity of the installation before applying the image to the reference computer. Which Sysprep switch must you use?

/audit Explanation: You should use the /audit switch when performing sysprep. The Sysprep command has the following switches:• /audit - Forces audit mode, which allows you to add drivers or applications. You can use this mode to test an installation before sending the image to a customer. •/oobe - Forces Windows Welcome Mode for Out-of-the-box experience (OOBE). The mini-setup wizard allows the user to create user accounts and name the computer. • /generalize - Prepares the reference computer to be imaged. Removes unique system information, resets Security IDs (SIDs), clears event logs, and deletes system restore points. • /shutdown - Shuts operating system down after Sysprep finishes. • /quiet - Suppresses on-screen confirmation messages when running Sysprep. • /reboot - Reboots the computer. Use this option to audit the computer if the reference computer is behaves properly. • /unattend:answerfile - Use to specify an answer file to automate a Windows installation. You could type the following command to force the computer into audit mode upon reboot and reset all SIDs: sysprep /audit /generalize /reboot You should not use the /oobe switch. This switch forces the Windows Welcome Mode, not the audit mode. You should use the /oobe switch when preparing the computer for delivery. You could use the following command to prepare a computer for delivery: sysprep /oobe /generalize You do not have to use the /reboot switch. You must specify the /audit switch. The /reboot switch will reboot the computer after Sysprep finishes. You could always manually reboot the computer instead of using the /reboot switch. You should not have to use the /quiet switch. This switch will not force the computer into audit mode. Objective: Deploying Windows 7 Sub-Objective: Prepare a system image for deployment References: TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Deployment > Windows Automated Installation Kit for Windows 7 RC > Deployment Tools Technical Reference > Sysprep Technical Reference > Sysprep Command-Line Syntax TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Deployment > Windows Automated Installation Kit for Windows 7 RC > Deployment Tools Technical Reference > Sysprep Technical Reference > How Sysprep Works

You are the administrator for the Metroil Corporation. You need to create a script that will capture the IP address of the local area network adaptor and not the IP address of the wireless adaptor on a laptop. You create the following script: 1: $File="c:\temp\interface.txt" 2: $Interface="Local Area Network" 3: $IP= netsh interface ip show address $interface 4: $IP > $File 5: You want to keep a record of the IP address on the srv5.metroil.com server. What should you include in line number 5 and beyond?

5: $ServerStorage="\\srv5.metroil.com\laptop\laptop.txt" 6: Copy-Item $File $ServerStorage Explanation: You should add the following lines to the script: 5: $ServerStorage="\\srv5.metroil.com\laptop\laptop.txt" 6: Copy-Item $File $ServerStorage The Copy-Item cmdlet is used to copy files. In this scenario, the $File varible is the c:\temp\interface.txt file. Line 3 of the script saves the output of the netsh interface ip show address $interface command. This command will capture the IP addresss, mask and gateway of the computer. Line 4 of the script redirects this output to the c:\temp\interface.txt file. When you add lines 5 and 6, you are copying the c:\temp\interface.txt file to the laptop.txt file on the srv5.metroil.com server in the laptop share. You should not add the following lines to the script: 5: $ServerStorage="\\srv5.metroil.com\laptop\laptop.txt" 6: New-Item $ServerStorage -type file -force $File Nor should add these following lines to the script: 5: $ServerStorage="\\srv5.metroil.com\laptop\laptop.txt" 6: New-Item $ServerStorage -type file -force | $File The syntax of the powershell command of New-Item is incorrect. New-Item can be used to create a directory, file, or a powershell profile. The -type parameter can be a file or directory. The -force parameter is used to overide the default behavior. This parameter will ensure that if you receive a message that the file already exists, the command will replace the file with the new file. The above command will create a file named \\srv5.metroil.com\laptop\laptop.txt. The $File at the end of the statement will cause the statement to fail. You should not add the following lines to the script: 5: $ServerStorage="\\srv5.metroil.com\laptop\laptop.txt" 6: $File > $ServerStorage When you run $File > $ServerStorage, you are not redirecting the contents of the $File variable which is the information from the netsh interface ip show address $interface command, you are actually outputting the file name contained in the $File variable. The value of $ServerStorage will be c:\temp\interface.txt, not the actual IP address of the computer. Objective: Configuring Network Connectivity Sub-Objective: Configure remote management References: TechNet Home > Script Center > What Can I Do With Windows PowerShell? George Trifonov > Powershell file copy example. Copy-Item code snippet Microsoft Help and Support > How to use the NETSH command to change from Static IP address to DHCP

Your company has recently purchased inventory from an electronics company. You notice several unopened portable computers that have the following specifications:•1 GHz processor (64-bit) •2 GB RAM •60 GB hard drive with 30 GB of free disk space •Support for DirectX 9 graphics processor with WDDM 1.0 •A DVD-R/W drive •Windows XP SP2 or Windows Vista You plan to install Windows 7 on these computers. You will install a new copy of Windows 7 on the laptops that have Windows XP SP2. You want to upgrade the laptops that have Windows Vista. What must you do before you upgrade to Windows 7?

Add SP1 to Windows Vista Explanation: You must add service pack 1 (SP1) to Windows Vista. You are required to upgrade Windows Vista with SP1 before upgrading to Windows 7. Since the laptops sat on a warehouse shelf for some time, they do not have SP1 installed. You do not have to add a flash drive of 4 GB, or larger. You can use a USB drive that is larger than 4 GB to install Windows 7 if your computer does not have a network connection or DVD. However, the laptops that are in this scenario have DVD drives. You do not have to add SP3 to Windows XP. There is no direct upgrade for Windows XP to Windows 7. After installing Windows 7 on the computer, you can use the User State Migration Tool (USMT) to copy files and user accounts to the new operating system. When you install Windows 7 on the laptop, a \WINDOWS.OLD directory will be created that contains all users accounts and documents from the previous operating system. USMT can be used to transfer accounts and files from the \WINDOWS.OLD directory. Although it is good practice to have the latest service pack on a computer, you do not have to have SP3 on the Windows XP because you are going to upgrade them with a fresh installation of Windows 7. A new install of Windows 7 is performed by choosing the Custom (advanced) option during the installation process. This option will keep your files, settings, and programs in the \WINDOWS.OLD directory unless you format or repartition the drive. You do not have to add a larger hard drive. You only need to have 20 GB of available disk space for a 64-bit processor to install the Windows 7 operating system. Objective: Installing, Upgrading, and Migrating to Windows 7 Sub-Objective: Upgrade to Windows 7 from previous versions of Windows References: TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Deployment > Step-by-Step: Windows 7 Upgrade and Migration Microsoft > Products > Windows > Windows 7 > Windows 7 system requirements Windows 7 - Lifehacker's Guide to Upgrading to Windows 7 RC Softpedia > Vista SP1 to Windows 7 Upgrade

You are a worker at a plant that operates three different eight hour shifts daily. You and another worker, Troy, share the same computer. You operate the computer during the day shift. Troy uses the computer during the night shift. Both you and Troy use your own login accounts on the computer. You add a file named MySong.mp3 to the computer and encrypt the file. Click the Exhibit(s) button to see the file. You want Troy to be able to play the file on the same computer. What should you do?

Add Troy's certificate to the file Explanation: You must add Troy's certificate to the file to ensure that Troy can access the file. When a file is encrypted, the person who encrypted the file or the person with the Recovery Certificate can decrypt the file and access it. In Windows 7, you can add additional users who can decrypt the file by adding a certificate for the user which can decrypt the file. This is known as the EFS certificate. The user's certificate must be on the computer. If the user's certificate is not on the computer, you would have to export the certificate. This can be done by the following:1. Open Certificate Manager, double-clicking Personal, clicking Certificates and then highlighting the EFS certificate to export. 2. On the Action menu, choose All Tasks and click Export. This action will open the Certificate Export Wizard. Click Next to go beyond the opening screen. 3. Choose Yes, export the private key and click Next. 4. Choose Personal Information Exchange and click Next. You must add a password for the key. When a user imports this file later on another computer, they will type in this password. 5. Give the file a name and path. 6. On the other computer, you can import the EFS certificate by doing the following: 7. Open Certificate Manager and click Personal certificate to export. 8. On the Action menu, choose All Tasks and click Import. This action will open the Certificate Export Wizard. Click Next to go beyond the opening screen. 9. Navigate to the path where you exported the file, choose the file and click Next. 10. Type the password that set earlier. Choose Mark this key as exportable and click Next. 11. Choose the option to Place all certificates in the following store. Choose the Personal store and click Next. You should not give Troy Give Troy Allow Full Control or Allow Modify permissions to the file. Even if Troy has permissions to the file or is the owner of the file, Troy will not be able view, execute or modify the file because the file is encrypted. Troy would need to have an EFS certificate to view execute or modify the file. You should not use the Attrib command to remove the System attribute on the file. This option will remove a System attribute on a file, but will not remove encryption on a file. You could use the Cipher command to remove encryption on a file or you could uncheck Encrypt contents to secure data in the Advanced Attributes of a file to remove encryption. Objective: Configuring Access to Resources Sub-Objective: Configure file and folder access References: Windows Help and How-to > Troubleshoot encrypted files and folders

You are the administrator of the Nutex Corporation's Active Directory domain. Your users have Windows Vista and Windows 7 computers. Members of the Sales department frequently travel. While out of the office, they connect to the network through the VPN. Several of the sales people complain that they cannot connect to the FQDNs of appv6.nutex.com and sql22.nutex.com. The IP addresses of the servers are registered in the DNS. The same users can connect to these servers by FQDN while in the office, but they can only connect to the servers if they enter the IP addresses when connecting through the VPN. You plan on developing a new strategy for remote access, but that will not be implemented until next quarter. What can you do to ensure that sales people can connect to the servers in the Nutex domain while out of the office?

Add all IP addresses of the servers to the local HOSTS file on the sales people's laptops. Explanation: You should add all IP addresses of the servers to the local HOSTS file on the sales people's laptops. A HOSTS file can be used to resolve the host names of servers that have an A (IPv4 host record) or AAAA (IPv6 host record) in DNS. An example of a HOSTS file could be the following: 2001:db8::10:2aa:ff:fe21:5a88 appv6.nutex.com appv6 2001:db8::10:2aa:ff:fe21:5b28 fsv6.nutex.com appv6 10.88.16.200 fs12.nutex.com fs12 10.88.16.210 sql22.nutex.com sql22 A HOSTS file can aid in name resolution for the sales people when they are outside the office. When a user attempts to resolve a name, the computer will first look in its cache to resolve the query. Next, the local HOSTS file is searched, and then the request is sent to the preferred DNS server. If the preferred DNS server does not answer, it will send a request to the alternate DNS server. If the preferred DNS server does return an answer or returns the wrong answer, the computer will not send a request to the alternate DNS server. If the user cannot connect to any of the DNS servers, the HOSTS file can provide name resolution. There is not a separate HOSTS file for IPv6 addresses. A HOSTS file can be used to specify the IPv6 addresses of a server as well as the IPv4 addresses of a server. You should not add the IP addresses to the SERVICES file. The SERVICES file identifies the services and ports that are used by those services on the computer. The SERVICES file does not resolve host records. There is not a separate SERVICES file for IPv6 services. Objective: Configuring Network Connectivity Sub-Objective: Configure IPv6 network settings References: TechNet > TechNet Library > Network and Messaging > Networking > Evaluate and Plan > TCP/IP Fundamentals for Windows > Chapter - Host Name Resolution

You are a desktop support technician for the Verigon Corporation. Verigon sells a turnkey system to independent automotive repair shops. The turnkey software runs on Windows 7. You must install Windows 7 on 50 new computers to be placed in the repair shops. All computers will be installed with the following configuration settings: •The OEM manufacturer should be Verigon •The OEM support URL should specify support.verigon.net •The OEM logo should specify e:\VerigonLogo.bmp You want to boot each computer with the Windows 7 DVD and automate the installation. You create an answer file and store it on a USB drive. What must you name the answer file on the USB drive when you boot the computer with the Windows 7 DVD to install the operating system?

Autounattend.xml

You have a laptop that runs the Windows 7 operating system. You have made several backups of your computer to an external drive. You create a system image of your backup two days ago to the same external drive. You notice that several folders of music files and photos under the C:\My Files directory were inadvertently deleted yesterday. You attach the external drive to your computer and boot your computer with a system repair disk. You access the System Recovery Options menu. What should you choose to restore the folders of music files and photos were deleted?

Choose System Image Recovery Choose System Image Recovery Explanation: You should choose System Image Recovery from the System Recovery options. A system image backup is a personalized backup of the partition. This backup will contain system files, program files, and user data, such as personal folders of music files and photos. With a system image recovery, all items on the image will be restored to the point time in which they were backed up. You cannot choose individual items to restore. You should not choose System Restore. System Restore does not affect files such as music files, photos, or documents. System Restore only affects program files, system files, executable files, scripts, batch files, and registry settings. If you wanted to restore personal files such as folders of music files and photos that were deleted from the System Recovery options, you would have to choose System Image Recovery. You should not choose Startup Repair. Startup Repair is designed to fix damaged system files or replace missing system files. Startup Repair cannot protect against virus attacks, nor fix hardware failures such as a bad disk or incompatible memory. Startup Repair also cannot recover personal files. You cannot run wbadmin start restore c:\My Files x:\backup path after choosing Command Prompt from the System Recovery options. The wbadmin utility is used to perform a one-time backup of a computer. You cannot use wbadmin start restore to restore data. You must use wbadmin restore catalog to restore a catalog stored on a disk. Although it was not given as an alternative, you could use the following to restore a catalog from a backup store on disk E: wbadmin restore catalog -backupTarget:E Objective: Configuring Backup and Recovery Options Sub-Objective: Configure system recovery options References: Windows > Help and How-to > What are the system recovery options in Windows 7

You are the administrator for the Verigon Corporation. You support salespeople that are mobile and require access to intranet resources when they travel. You plan to implement a DirectAccess network solution to provide secure network access to intranet resources. You upgrade all your servers to Windows Server 2008 R2 and upgrade all clients to Windows 7. You create a GPO and link it to the OU that contains all the salespeople's laptops. You want to add an entry into the GPO to ensure all client stations are Teredo clients to the Teredo server. What branch of the policy must you use to set the appropriate setting?

Computer Configuration\ Policies\ Administrative Templates\ Network\ TCPIP Settings\ Ipv6 transition Technologies Explanation: You can use a GPO to configure Windows 7 computers as clients to Teredo servers. To do so, enable the Computer Configuration \ Policies \ Administrative Templates \ Network \ TCPIP Settings \ Ipv6 transition Technologies \ Teredo State=Enterprise Client. You should enable the above setting in a GPO and link the GPO to the domain, a site, or an OU that contains the clients. You can also run the following netsh command on a Windows 7 computer to enable it as a client of a Teredo server: netsh interface ipv6 set teredo enterpriseclient <DNS name or IPv4 address of Server> All of the other answers are incorrect. You do not have to enable a setting under the path of Computer Configuration \ Policies \ Network \ Network Connections \ Windows Firewall in a GPO to enable a Windows 7 computer to be a client of a Teredo server. However, you should allow inbound and outbound ICMPv4 and ICMPv6 traffic to pass through the client's firewall. You do not have to set any settings under the path of Computer Configuration \ Policies \ Network \ Background Intelligent Transfer Services. Background Intelligent Transfer Services is not needed to configure a Teredo client or server. You do not have to set any settings under the path of Computer Configuration \ Policies \ Network \ Microsoft Peer-to-Peer Networking Services. Microsoft Peer-to-Peer Networking Services is not needed to configure a Teredo client or server. Objective: Configuring Mobile Computing Sub-Objective: Configure DirectAccess References: TechNet > TechNet Library > Windows > Window 7 > Windows 7 Technical Library Roadmap > Product Evaluation > DirectAccess Early Adopters Guide > Appendix D - Scripted and Group Policy DirectAccess Client Installation Instructions Windows Server 2008 R2 > Windows 7 >Step By Step Guide: Demonstrate DirectAccess in a Test Lab TechNet > IPv6 Blog > New Technical Resources for DirectAccess TechNet > TechNet Library > Using DirectAccess to Provide Secure Access to Corporate Resources from Anywhere TechNet > TechCenters > TechNet Magazine > Home > Issues > 2009 > May > Cable Guy DirectAccess and the Thin Edge Network

You are the administrator of a small branch office of the Verigon Corporation. You only have five computers that run the Windows 7 operating system in the branch office. In the main office, you have Windows Server 2008 R2 servers that have Remote Desktop Web Access and Terminal Services deployed. You want to ensure that the branch office users of the Windows 7 computers can run the Microsoft Office 2007 suite from their Start menu without having the program suite installed on their local computers. What should you do? (Choose two. Each correct answer is part of the solution.)

Configure a connection URL to the published program suite on the Windows 7 computers Configure a connection URL to the published program suite on the Windows 7 computers in the branch office. Ensure that the Microsoft Office 2007 program suite is installed on a server at the main office and distributed as a Remote App. Explanation: You should ensure that the Microsoft Office 2007 program suite is configured as a RemoteApp and made available on the Remote Desktop Web Access server. Remote Desktop (RD) Web Access in Windows Server 2008 R2 replaced the Terminal Services Web Access feature in Windows Server 2008. RD Web Access allows users to access RemoteApp programs and the Desktop Connection feature via the Start menu on a Windows 7 client computer or through a Web browser. RemoteApp and Desktop Connection allow the user to access RemoteApp programs on a virtual desktop environment hosted from a remote server. You should configure the connection URL to the published program on the Windows 7 computers in the branch office using the RemoteApp and Desktop Connections applet in Control Panel. Click Set up a new connection with RemoteApp and Desktop Connections to start a new connection. You should enter the host name of the Remote Desktop Web Access Server. In this example, the Remote Desktop Web Access Server is srv55.verigon.com. You will be prompted for credentials to authenticate with the server. Once you have authenticated the wizard will complete. The programs will be available from the Windows 7 clients on the Start menu under All Programs / RemoteApp and Desktop Connections. You should not perform an administrative install of the Microsoft Office 2007 program suite on a folder on a Windows Server 2008 R2 server in the corporate office and share the software in the folder. An administrative install copies the software in a folder so that it can be used to publish or assign the software via a Group Policy Object. You should not create a GPO that assigns or publishes the software and link the GPO to an OU that contains the branch office computers. When you assign the software, shortcuts will appear on the Start menu, and the software will install on the local computer when the user clicks on the shortcut or when the user clicks on a file extension that is registered to the software. When you publish software, shortcuts do not appear on the Start menu. However, the software will appear in Add/Remove Programs and will be installed locally when a user clicks on a file extension that is registered with the software. In this scenario, you did not want the software to be installed locally. Objective: Configuring Mobile Computing Sub-Objective: Configure remote connections References: TechNet > TechNet Library > Windows > Windows Server 2008 and Windows Server 2008 R2 > Browse Windows Server Technologies > Remote Desktop Services (Terminal Services) > Remote Desktop Services in Windows Server 2008 R2 > Getting Started > Deploying RemoteApp Programs to the Start Menu by Using RemoteApp and Desktop Connection Step-by-Step Guide TechNet > TechNet Library > Windows > Windows Server 2008 > Windows Server 2008 R2 Content > Installed Help for Windows Server 2008 > Remote Desktop Services > RemoteApp Manager > Remote Desktop Web Access > Overview of Remote Desktop Web Access (RD Web Access) (missing picture # 2)

You are the network administrator for the Verigon Corporation. All your client stations are running Windows 7. The following is a partial diagram of your network: Workstation1, Workstation2, and Workstation3 on Subnet A have static addresses. Users from these Windows 7 computers on Subnet A access files on servers on Subnet B. You plan to add another Windows 7 computer to Subnet A. You must configure the new computer to access file servers with the least administrative effort. What should you do?

Configure the new station with a static address 169.254.223.111/16 with a gateway of 169.254.0.1 Explanation: You must configure the new station with a static address 169.254.223.111/16 with a gateway of 169.254.0.1. The new station must have an IP address that is within the range of IP addresses of the subnet. You can either configure a static address or get a leased address from a DHCP server. In this scenario, there is not a DHCP server on Subnet A. The DHCP server is on Subnet B. A client issues a DHCP broadcast to a DHCP server to receive an IP address from a DHCP server. Routers do not pass broadcasts by default. A router that is RFC 1542 compliant can pass a BOOTP or DHCP broadcast. In this scenario, the router is not listed as RFC 1542 compliant and the DHCP server does not have an IP scope range for Subnet A. Subnet A has an IP range of 169.254.0.1 to 169.254.255.255. When you add a computer to a subnet with no DHCP server, the computer will use Automatic Private IP Addressing (APIPA) to receive an IP address. The computer will receive an address within the IP range of 169.254.0.1 to 169.254.255.255. However, the computer will not receive a default gateway with the address. While the new computer can communicate with Workstation1, Workstation2, and Workstation3 or any other computer on Subnet A, it will not be able to communicate with any computer that is not on its subnet. For the new computer to access servers on Subnet B, the new computer must have a default gateway of 169.254.0.1 configured. All other options are incorrect. If you set the network adapter to obtain an address automatically, the computer will default to APIPA and receive an address within the IP range of 169.254.0.1 to 169.254.255.255, but NO default gateway. You cannot configure the new station with a static address 169.254.111.222/16 with a gateway of 169.254.0.1. This address is currently being used by Workstation2 on Subnet A. You should not set the network adapter with an alternative configuration of 203.25.22.25/24 with a gateway of 169.254.0.1. An alternate configuration specifies an address for a computer if the user cannot get an address from a DHCP server. This way the computer does not have to rely on the APIPA address. The IP address of 203.25.22.25/24 is not within the range of addresses on Subnet A. Objective: Configuring Network Connectivity Sub-Objective: Configure IPv4 network settings References: TechNet > TechNet Library > Books, Magazines, and Columns > Microsoft Press Books > Windows Server > Windows Server 2008 > Windows Server 2008 Inside Out > Chapter 21: managing TCP/IP networking > Installing TCP/IP networking TechNet > TechNet Library > Windows > Windows Server > Windows Server 2008 and Windows Server 2008 R2 (Release Candidate) > Browse Windows Server Technologies > Networking > TCP/IP > TCP/IP (v4 and v6) Technical Reference > IP Version 4 (IPv4) > How IPv4 Works (TechRef) Microsoft Help and Support > How to use automatic TCP/IP addressing without a DHCP server TechNet > TechNet Library > Windows > Windows Server > Windows Server 2003 > Product Help > Windows Server 2003 Product Help > Network Services > Managing Core Network Services > TCP/IP Core Networking Services > TCP/IP Concepts > Using TCP/IP > TCP/IP configuration items: TCP/IP TechNet > TechNet Library > Windows > Windows Server > Windows Server 2003 > Product Help > Windows Server 2003 Product Help > Network Services > Managing Core Network Services > TCP/IP Core Networking Services > TCP/IP Concepts > Using TCP/IP > TCP/IP configuration items: TCP/IP > IP Addressing

You are the administrator for a domain in the Metroil Corporation. You have created some *.avi files that contain training lessons from the Human Resources department. It is mandatory that department employees view and pass a test based on the training lessons. The *.avi files do not work with older versions of Windows Media Player. Users should use version 12.0.0.1 or above of Windows Media Player to view the training lessons. To reduce help desk calls, you want to prevent users from being able to run versions of Windows Media Player prior to 12.0.0.1. What should you do?

Create a Group Policy Object linked at the domain, and create an executable rule to deny department employees from using version 12.0.0.0 or below of Windows Media Player. Filter the GPO by department. Explanation: You should create a Group Policy Object and use it to create an executable rule to deny Human Resources department employees from using version 12.0.0.0 or below of Windows Media Player. With AppLocker, you can create an executable rule that prevents a user or group from running older versions of an executable. In this scenario, you could create an executable rule that applies only to the department users that prevents a user from running a version of wmplayer.exe that is older than version 12.0.0.1. You can create this executable rule in either the local security policy on the computer, or a Group Policy Object (GPO). A GPO can be linked at the domain level, site level, or Organizational Unit (OU) level. When a GPO is applied at a particular level, it is applied to all users and computers in that level and below by default. You can filter a GPO to ensure that a GPO only applies to certain users or certain computers. Creating a GPO at the domain level will apply the settings of the GPO to all users and computers in the domain. However, if you filter the GPO only by the computers in a particular department, the GPO will only apply to the computers in that department. In this scenario, you could place all Human Resources department computers in a group and specify the group as the filter for the GPO. You could also create an OU that contains only the department users and computers, and link the GPO at the OU level. You should not use the local security policy to create an executable rule to deny department employees from using version 12.0.0.0 or below of Windows Media Player. The local security policy only applies to a single computer. You would have to repeat this task on each of the department's computers. You could easily apply these settings via GPO applied at the domain or OU level. You should not use a local security policy or a GPO to create a hash rule for wmplayer.exe on each department employee's computer and specify the 12.0.0.1 version of wmplayer.exe. A hash rule would only allow a user to use the 12.0.0.1 version of wmplayer.exe. This option would not allow a user to use a future update of wmplayer.exe. A hash rule only applies to a specific version of a file. Objective: Configuring Access to Resources Sub-Objective: Configure authentication and authorization References: TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Security and Protection > AppLocker Step-By-Step Guide > What Is AppLocker? TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Product Evaluation > Windows 7 AppLocker Executive Overview Windows Seven Forums > How to Create New Rules in Windows 7 AppLocker

You are the administrator of an Active Directory domain. All servers run Windows Server 2008 R2 and all client computers run Windows 7. You want to find who has changed Windows registry keys on the computers in the domain. What should you do?

Create a Group Policy object and link it to Create a Group Policy object and link it to the domain. Enable Audit objectaccess under Audit Policy. Explanation: You should create a Group Policy object (GPO), link it to the domain, and enable Audit object access under Audit Policy. The Audit object access policy allows you to enable auditing on files and registry keys. To enable auditing for files, you must have Audit object access policy enabled in a GPO or local security policy and you must enable auditing on the file, directory, or volume. You should not enable Audit policy change under Audit Policy. This policy audits attempts to change user rights assignment policy, audit policy, account policy or trust policy. This policy will not audit attempts to the registry. You should not enable Audit privilege use under Audit Policy. This policy audits each instance of a user exercising a user right. This policy will not audit attempts to the registry. You should not edit the Default Domain Controllers policy. This policy will only affect the computers that are contained in the Default Domain Controllers Organizational Unit (OU). These computers are domain controllers, not client computers. Objective: Monitoring and Maintaining Systems that Run Windows 7 Sub-Objective: Monitor systems References: TechNet > TechNet Library > Windows > Windows Server 2008 and Windows Server 2008 R2 > Browse Windows Server Technologies > Security and Protection > Security Auditing > Security Audit Policy Reference > Audit Policy Settings Under Local Policies\Audit Policy

You are the administrator of the Verigon Corporation. You want to make sure that all of the computers in the Accounting Organizational Unit (OU), which all run Windows 7 Enterprise Edition, use a signed application that is file version 2.0.4 or higher. Users have been resistant to using the new version. Some of the Accounting users have been using Remote Desktop to connect to a server in the Tax OU that has the 2.0.3 version of the application. Several of the computers in the Accounting OU will be replaced in a week when their lease runs out. What should you do to prevent accounting users from using a version of the application below 2.0.4?

Create a Group Policy that specifies an application control policy on the computers. Link the GPO to the Accounting OU and the Tax OU. Explanation: You should create a Group Policy that specifies an application control policy on the computers. You should link the GPO to the Accounting OU and the Tax OU. When you apply a GPO to an OU, that policy will apply to the objects in that OU, such as users and computers. In this scenario, linking the GPO to the Accounting OU and Tax OU would apply the settings in the GPO to the computers in the Accounting OU and the servers in the Tax OU. You can specify an application control policy with in a GPO. The application control policy should specify a publisher rule the application. You can specify the following in a publisher rule: •Publisher - name of the publisher •Product Name - name of the product (for example, Word is a product of Microsoft) •File Name - name of the file •File Version - version of the application You should specify that the file version should be equal to or above 2.0.4. You should not create an application control rule on each computer in the Accounting OU and the server in the Tax OU. This solution will not address any computers that are replaced in the Accounting OU. When you create an application control rule in the local security policy on a computer, that rule will only apply to that computer. If the computer is replaced, you must create another application control rule in the local security policy on the new computer. If you create the application control rule in a GPO, the GPO will apply to any new computers that are added into the Accounting OU. You should not create a Group Policy that specifies an application control policy on the computers and link the GPO to just the Accounting OU. This solution does not address the server in the Tax OU. Users from the Accounting OU can access the server in the Tax OU with Remote Desktop. While an Applocker policy on the computers in the Accounting OU would affect what applications the Accounting client computers could run, this Applocker policy applied to the Accounting OU would not affect what computers in another OU would run. You should not create a path rule, specify the install path for the application, and select the Disallowed option in the Security level droplist. This path rule will prevent users from executing application located in the specified folder. In this scenario, you want to ensure that users are able to execute scripts a particular version of the program. A path rule does not address this. You should use a hash rule instead. Objective: Configuring Hardware and Applications Sub-Objective: Configure application restrictions References: Redmondmag.com > AppLocker Reins in Applications TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Product Evaluation > Windows 7 AppLocker Executive Overview TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Product Evaluation > What's New For IT Pros in Windows 7 > What's New in Group Policy

You purchased several legacy laptops. The laptops support the minimal requirements to install Windows 7 Enterprise edition. These laptops will be used by your company's salespeople, who will conduct presentations from files stored on either USB drives or DVDs. Salespeople also store sensitive information on the hard drives. You want to ensure that if these laptops are stolen then the volumes, including the operating system drive, are encrypted. What must you do?

Create two partitions on each of the laptops. Explanation: You must have two partitions created on each of the laptops. To encrypt a drive that Windows 7 is installed on, you must have a laptop that incorporates a Trusted Platform Module (TPM) version 1.2 or higher, or it can boot from a removable USB drive. The laptop should also have at least two partitions in place: a system partition for files needed to start the computer, and an operating system partition to contain the Windows operating system files. When you encrypt the drive that contains the Windows operating system, the encryption key and decryption key used by BitLocker are not stored on the drive that contains the Windows operating system but on a separate device, such as a USB flash drive. If the computer does not have a TPM version 1.2 or higher installed, you cannot store the encryption and decryption keys on a removable USB drive. You can use this option if your system administrator has set up your network to allow the use of a startup key instead of the TPM. However, you cannot use a startup key to unlock your operating system drive if you use BitLocker on removable drives. In this scenario, you are encrypting the fixed drive in the computer. You should not ensure the computers have a Trusted Platform Module version 1.1 or higher. If you choose to use the TPM to store the encryption key and decryption key used by BitLocker, the TPM module must be version 1.2 or higher, not 1.1 or higher. You should not create a virtual hard disk (VHD) on a USB device. This action will not allow you to implement BitLocker. You would need to have a bootable USB device to store the encryption and decryption keys, but you do not need a VHD on the USB device. You should not ensure that each laptop has a hard drive of at least 4 GB that has a single partition formatted in NTFS. You will need to have at least two partitions: a system partition, and a partition that contains the volume for the operating system files. Objective: Configuring Mobile Computing Sub-Objective: Configure BitLocker and BitLocker To Go References: TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Security and Protection > BitLocker Drive Encryption Deployment >Getting Started with BitLocker Drive Encryption Windows 7 Help > Help and Support > Hardware requirements for BitLocker Drive Encryption

You work for a company that sells home electronics. You have several stores in multiple regions. You have created an image of a Windows 7 installation that you will send to the stores to use to format their computers. You must apply some software updates and language packs to the image before sending it out. What utility should you use to do this?

DISM Explanation: You should use Deployment Image Servicing and Management (DISM). This utility can do the following:• Add updates to an offline Windows image, such as device drivers, language packs and software updates. • Configure international settings in Windows 7 • Enable Windows features. You can also use the Windows System Image Manager to validate settings in an answer file or view all settings of a .wim file that can be configured. Windows SIM is an upgrade to Pkgmgr.exe. Pkgmgr is a command-line tool introduced in the Windows Automated Installation Kit for Windows Vista that can be used to install, remove, or update Windows packages to offline images. It is not used in Windows 7. You should not use the PEImg utility. PEImg.exe is a built-in diagnostic tool that can modify offline Windows PE images or create Windows PE images for Windows Vista. The Deployment Image Servicing and Management Tool, DISM, is the command line tool that replaces PEImg in Windows 7. In this scenario, you wanted add the new drivers to an image that is not Windows PE. You cannot use PEImg to install language packs on an image. You should not run the Drvload utility. Drvload.exe is a built-in diagnostic tool in Windows PE that can be used to troubleshoot Windows 7. The Drvload.exe tool can be used to install device drivers to a booted Windows PE image. For example, if the Windows 7 Setup is unable to initialize a network adapter the computer, it may be possible that the driver for the network adapter is not installed. If the appropriate drivers for the network adapter are not installed, then Setup will not be able to find the network adapter. In this case, you want to add drivers to an image that is not a Windows PE image. You should not run Oscdimg. Oscdimg.exe is a tool that is used to create an image file for Windows. In this scenario, you do not have to create a new Windows image, but modify an existing Windows image. Objective: Deploying Windows 7 Sub-Objective: Prepare a system image for deployment References: TechNet > TechNet Library > Windows > Windows 7 > Windows Technical Library Roadmap > Deployment > Windows Automated Installation Kit > Windows Preinstallation Phases > Phase 5: Managing and Servicing Your Windows Image > Service an Offline Image > Walkthrough: Service a Mounted Windows Image Offline

You plan to install Windows 7 on several new computers. You have an image of Windows 7 Professional edition. What should you type to set the key for the image to the same key that came with your Windows 7 DVD

Dism /Set-ProductKey Explanation: You should run Dism /Set-ProductKey. You can use the Deployment Image Servicing and Management tool (DISM) to modify offline Windows images and offline Windows Preinstallation Environment (Windows PE) images for Windows Vista SP1, Windows Server 2008, and Windows 7. The /Set-ProductKey switch is used to add a product key to the image. You should not run Dism /Set-Edition. The /Set-Edition switch upgrades the version on the image. In this scenario, you wanted to set the product key of the image, not upgrade the image to another edition of Windows 7. You can use DISM to retrieve or modify information on the image by using the following commands: •/Set-Edition - Change the Windows Edition of a Windows Vista SP1, Windows Server 2008, or Windows 7 image. Use this switch to upgrade from Professional edition to Ultimate edition. •/Set-ProductKey - Adds a product key to a Windows Vista SP1, Windows Server 2008 or Windows 7 image that is offline. •/Apply-Unattend - Add an unattended file to a Windows Vista SP1, Windows Server 2008, or Windows 7 image. •/Cleanup-Wim - Cleans up any abandoned resources associated with a mounted image •/Add-Driver - Adds out of the box driver packages to a Windows Vista SP1, Windows Server 2008 or Windows 7 image that is offline. •/Remove-Driver - Removes existing driver packages from a Windows Vista SP1, Windows Server 2008 or Windows 7 image that is offline •/Set-UILang - Sets the default UI language for an image that is offline. •/Set-SetupUILang - Specifies what language will be used in setup. •/Add-Package - Adds packages to a Windows Vista SP1, Windows Server 2008, or Windows 7 image. •/Remove-Package - Removes packages from a Windows Vista SP1, Windows Server 2008, or Windows 7 image. •/Enable-Feature - Enables a specific feature in a Windows Vista SP1, Windows Server 2008, or Windows 7 image. •/Disable-Feature - Disables a specific feature in a Windows Vista SP1, Windows Server 2008, or Windows 7 image. You should not use sysprep /oobe or sysprep /generalize. Sysprep is used to prepare a reference computer for imaging. Neither the /oobe or the /generalize switch of Sysprep is used to set a product key on an image. The sysprep command has the following switches: •/audit - Forces audit mode, which allows you to add drivers or applications. You can use this mode to test an installation before sending the image to a customer. •/oobe - Forces Windows Welcome Mode for Out-of-the-box experience (OOBE). Mini-setup wizard runs allows user to create user accounts, name the computer. •/generalize - Prepares the reference computer to be imaged. Removes unique system information, resets Security IDs (SIDs), clears event logs and deletes system restore points. •/shutdown - Shuts operating system down after sysprep finishes. •/quiet - Suppresses on-screen confirmation messages when running sysprep. •/reboot - Reboots the computer. Use this option to audit the computer if the reference computer is behaves properly. •/unattend:answerfile - Use to specify an answer file to automate a Windows installation. Objective: Deploying Windows 7 Sub-Objective: Capture a system image References: TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Deployment > Windows Automated Installation Kit for Windows 7 RC > Windows Preinstallation Phases > Phase 5: Managing and Servicing Your Windows Image > Service an Offline Image Windows Networking.com > Deployment Windows 7 - Part 1: Windows AIK 2.0 Enhancements Windows Networking.com > Deployment Windows 7 - Part 2: Windows AIK 2.0 Enhancements TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Deployment > Windows Automated Installation Kit > Deployment Tools Technical Reference > Deployment Image Servicing and Management

You have a computer that has Windows 7 Professional edition. You need to dual boot the computer between different configurations of Windows 7. You want to create a virtual hard disk (VHD) that has a Windows 7 image of Windows 7 Enterprise edition installed on it. You would like to have the option of choosing which edition of Windows 7 that you boot to. You create the following script to create the VHD: DISKPART CREATE VDISK FILE="c:\vhd7\win7.vhd" MAXIMUM=30000 SELECT VDISK FILE="c:\vhd7\win7.vhd" ATTACH VDISK CREATE PARTITION PRIMARY ASSIGN LETTER=Z FORMAT QUICK LABEL=Windows7 EXIT What must you do to be able to boot the computer to Windows 7 Enterprise edition or Windows 7 Professional edition?

Explanation: You should do the following: You should first apply the .wim image to VHD file with the ImageX utility from the Windows Automation Installation Kit. You can use the following command to apply the .wim image to the virtual hard drive that has the volume label Z: Imagex /apply d:\install.wim 1 z:\ The image is on drive D. The image index of 1 represents the edition of the Windows 7 operating system. In this case, 1 is the Enterprise Edition of the Windows 7 operating system. Once the image has been applied to the VHD, you need to use the BCDEdit.exe tool to add a boot entry for your VHD. You must open the command prompt with Administrative Privileges to run any BCDedit commands. To add an entry into the Boot Configuration Data (BCD) store, you must obtain the GUID of the load object. You should type the following: bcdedit /copy {current} /d "Windows 7 VHD" The /copy switch along with {current} will makes an entry for the Windows 7 VHD in the BCD store. More importantly, it will return the GUID of the load object for the BCD. You should then set the device vhd and the osdevice vhd parameters so that BCDEdit will locate the VHD file and Bootmgr will locate the partition that has the VHD file. bcdedit /set <guid> device vhd=[c:]\vhd7\win7.vhd bcdedit /set <guid> osdevice vhd=[c:]\vhd7\win7.vhd You should also specify detecthal on to detect the HAL: bcdedit /set <guid> detecthal on After entering the BCDedit command, you should run bcdedit /v to test if your boot entry was successful. You should not run sysprep /oobe to seal the .wim image on the VHD. Sysprep is used to strip security IDs from a reference computer. You should use Sysprep to prepare a computer for imaging. In this scenario, you want to apply an image to a VHD, not Sysprep the VHD. You should not run bcdedit /set debug on to find the GUID of the loader object. The debug switch enables the kernel debugger. You must specify the GUID of the boot entry to set the kernel debugger. The /set debug command will not display the GUID of the loader object. Objective: Deploying Windows 7 Sub-Objective: Configure a VHD References: TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Deployment > Windows Automated Installation Kit For Windows 7 RC > Windows Preinstallation Phases > Phase 4: Deploying Your Windows Image > Deploy Windows on a Virtual Hard Disk > Add a Native-Boot Virtual Hard Disk to the Boot Menu TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Deployment > Virtual Hard Disks in Windows Server 2008 R2 and Windows 7 > Getting Started With Virtual Hard Disks > Appendix: Tools, Scripts, and APIs Windows Seven Forums > How to Create a Windows 7 VHD at Boot to Start with from Boot Windows 7: Boot from VHD First Impression: Part 1 Windows 7: Boot from VHD First Impression: Part 2 TechNet > TechNet Library > Windows > Windows Vista > Windows Vista Technical Library Raodmap > Deployment > Windows Automated Installation Kit > Deployment Tools Technical Reference > BCDEdit Command-Line Options

You are the administrator of a small Active Directory domain for a sporting goods company. The computers in your office run Windows 7 Enterprise Edition. You have installed a new printer and attached it to a Windows 7 computer. You want all users in the office to print to this printer. You have a group called Managers that includes supervisors in the office. You want to ensure all employees in the domain and the Managers group can print documents. The Managers group should also be allowed to change the print status of any document sent to the printer. What should you do? (Choose two. Each answer is part of the solution.)

Give the Users group the Print permission Give the Managers group the Manage Documents permission Explanation: You should give the Users group the Print permission and the Managers group the Manage Documents permission. You can set the following permissions on a printer: Print - allows all members of the Everyone group to send documents to a printer Manage Printers - allows a user to pause and restart the printer, change spooler settings, share a printer, adjust printer permissions and change the properties of the printer. The Administrators group and Power Users group are given this permission. Manage Documents - allows a user to pause, cancel, resume, restart, rearrange the order of print jobs submitted by all other users. The Creator Owner, the Administrators group, and the Power Users group are given this permission. You should give the Print permissions to the Users group and not to the Everyone group. All users in the domain are members of the global group named Domain Users. By default, the Domain Users group is a member of the local group Users on every computer in the domain. The Everyone group contains more than users of the domain. The group contains all built-in and administrator-defined groups and individual accounts, as well as the Guest account and any anonymous users. Anonymous users are those who log on without authentication. If you assign permissions to the Everyone group, anyone who can authenticate in the domain or on the local computer could print to the printer. In the scenario, you only wanted domain users to print to the printer. You should not give the Users group the Manage Printers permission. Only supervisors in the department should change the print status of any document sent to the printer, not all users. You should not give the Everyone group the Manage Documents permission. Only supervisors in the department should change the print status of any document sent to the printer, not all users or potential anonymous users and guests. Objective: Monitoring and Maintaining Systems that Run Windows 7 Sub-Objective: Monitor systems References: TechNet > TechNet Library > Windows > Windows Server > Windows Server 2003 > Product Help > Windows Server 2003 Product Help > Printer and Faxes > Printing > Printing Concepts > Understanding Printing > Assigning printer permissions

You are a salesperson who has been issued a Windows 7 laptop. You use a wireless Wide Area Network (WWAN) connection while you are traveling and a wireless Local Area Network (WLAN)/LAN connection when at customer locations and when at home or office. You must download large marketing brochures that tie up a lot of bandwidth and take a long time. You would like to switch from the slow and costly WWAN connection to a faster and less expensive WLAN connection during the middle of the download without having the download interrupted. What type of VPN connection should you configure to be able to switch connections without having the download interrupted?

IKEv2 Explanation: You should configure a VPN connection that uses IKEv2. IKEv2 allows you to have a tunnel that uses the VPN Reconnect feature in Windows 7. In Windows 7, VPN Reconnect uses IKEv2 for key negotiation and transmits ESP packets via an IPSec tunnel. When a user uses a client application that communicates with an application server, the client application may fail if the connection changes to another connection because the source IP address will change. With an IKEv2 tunnel, if the IP address of a LAN adapter or a Wireless adapter changes, the client internal IP is maintained. When a user is working a network application, the application sockets bind to the origin address of your computer. If the origin address changes when you move to different floors in a building, VPN Reconnect ensures the client internal IP address remains the same so the connection remains uninterrupted. All other answers are incorrect. PPTP, L2TP/IPSec, and SSTP are various types of VPN tunnels that you can configure on a Windows 7 computer. However, none of these VPN tunnels can make sure that the internal client IP address remains the same if the origin address changes. The origin address may change if you unplug the cable from a LAN adapter and uses a wireless adapter. Objective: Configuring Mobile Computing Sub-Objective: Configure remote connections References: TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Product Evaluation Windows 7 and Windows Server 2008 R2 Networking Enhancements for Enterprises > VPN Reconnect TechNet > Routing and Remote Access Blog >VPN Reconnect: A New Tunnel for Mobility TechNet > Routing and Remote Access Blog > Different VPN tunnel types in Windows - which one to use? TechNet > Routing and Remote Access Blog > Enhancements to VPN Reconnect in W7 RC

You are the administrator for the Verigon Corporation. Verigon has an Active Directory domain. All servers run Windows Server 2008 and all client computers use Windows 7. A salesperson travels to different offices. You want to ensure that when the salesperson prints reports in different offices that the salesperson automatically prints to the printer that was configured as the default printer for that office. What should you do?

In Devices and Printers, set Change my default printer when I change networks Explanation: You should open Devices and Printers, choose the printer and then click Manage default printers. You can specify the default printer for the specific network. You should choose the Change my default printer when I change networks option. This will allow the salesperson to have different default printer for the different offices that the salesperson travels to. You can specify pair the appropriate printer with the appropriate network. For a wireless network to appear in the Manage Default Printers dialog box, you must have previously connected to it. You should not choose the Always use the same printer as my default printer option. This option stops Windows from changing your default printer when you change networks. You cannot use Active Directory Users and Computers to assign the printer object as the default printer. You can specify printer objects in Active Directory Users and Computers, but you cannot specify a printer object as the default printer. You cannot use Active Directory Sites and Services assign the printer object to the correct office. You can define Active Directory sites, assign subnets to those sites and define the domain controllers for those sites in Active Directory Sites and Services. You cannot define default printers for a site through Active Directory Sites and Services. Objective: Configuring Network Connectivity Sub-Objective: Configure networking settings References: Windows > Products > Windows 7 features > Location-Aware Printing The I.T Massive > Windows 7 Features: Location-Aware Printing

You have a laptop that runs the Windows Vista operating system. You have purchased a new laptop that runs the Windows 7 operating system. There are 10 GB of files that you want to transfer over to the new laptop. You also have several custom fonts and drivers that need to be installed on the new computer for you to use with a custom application. Which method should you use to get the custom application onto the new laptop with the least administrative effort?

Manually install the application on the new laptop Explanation: In this scenario, you must manually install the application on the new laptop. You cannot use the Easy Transfer Wizard to move program files or system files such as fonts and drivers. You would have to install the application on the new laptop and ensure that the correct fonts and drivers were installed as well. Although you can use an Easy Transfer cable to transfer files and settings with the Easy Transfer wizard, you would not be able to use the Easy Transfer Wizard in this scenario. The Easy Transfer Wizard cannot transfer fonts, drivers, or program files. You cannot use a serial cable to transfer files or settings with the Easy Transfer Wizard. The Easy Transfer Wizard supports the use of a USB flash drive (UFD), a network connection, or an Easy Transfer cable. You cannot use NTBackup to backup the application and restore it on the new laptop. The NTBackup utility was used to backup files, directories and system state for Windows operating systems prior to Windows Vista. NTBackup is not available on Windows Vista or Windows 7. Objective: Installing, Upgrading, and Migrating to Windows 7 Sub-Objective: Migrate user profiles References: TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Deployment > Step-by-Step Windows 7 Upgrade and Migration TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Deployment > Windows Automated Installation Kit for Windows 7 RC > Windows Preinstallation Phases > Phase 1: Planning Your Deployment > Preinstallation Concepts > Understanding Upgrade and Migration

You are the administrator for the Verigon Corporation. All computers in all the sites use Windows Server 2008 R2 servers and Windows 7 workstations. You want to improve the performance of applications that use one of the HTTP or HTTPs protocols. The administrator at the main office wants to reduce wide area network (WAN) utilization while simultaneously increasing the responsiveness of network applications at other branch offices. You perform the following actions: You install the BranchCache feature on SRV55, SRV00, SRV18, SRV47, and SRV20. You create a GPO named BranchCacheVergion. You enable \Computer Configuration\Policies\Administrative Templates\Network\BranchCache. You enable \Computer Configuration\Policies\Administrative Templates\Network\BranchCache\Turn on BranchCache -Hosted cache mode in the GPO. You link the BranchCacheVergion GPO to Site1, Site2, Site3, Site4, and Site5. What must you enable on the Windows 7 clients each site to support Hosted Cache mode?

Modify the client firewall to allow incoming HTTP traffic. Modify the client firewall to allow incoming HTTP traffic. Explanation: You should modify the client firewall to allow incoming HTTP traffic. These firewall rules can be configured locally on the computer or in a GPO under \Computer Configuration\Policies\Windows Settings\Security Settings\Windows Firewall with Advanced Security\Inbound Rules. When clients operate in Hosted Cache mode, they must receive incoming HTTP traffic from the Hosted Cache server. In this scenario, instead of using a GPO to enable a client to use Hosted Cache mode, you can use the following netsh command to do it: netsh branchcache set service mode=HOSTEDCLIENT LOCATION=srv55.verigon.com The above command sets srv55.verigon.com as the computer serving as a Hosted Cache. Also, running this command automatically configures the host firewall for Hosted Cache mode. You should not modify the client firewall to allow incoming WS-Discovery traffic. When clients operate in Hosted Cache mode, they must receive incoming HTTP traffic from the Hosted Cache Server. If the clients were operating in Distributed Cache mode, you would need to allow both incoming WS-Discovery traffic and incoming HTTP traffic. The WS-Discovery traffic requires UDP port 3702 to be open in Distributed Cache mode. You should not create a start-up script in the BranchCacheVergion GPO to run netsh winsock reset on the Windows 7 computers. This command resets the Winsock catalog back to its default setting, or clean state. This command is useful this in solving Internet access or networking problems after trying all other suggestions. This command will not improve the performance of applications that use the HTTP or HTTPs protocols, or enable a Windows 7 client to use Hosted Cache mode. You should not create a start up script in a GPO to run netsh winhttp set proxy <server>, where <server> is the BranchCache server in the site. This command is used to specify a proxy server for a client, not a BranchCache server. A proxy server can improve performance by caching HTTP content, but does not cache SMB content. A requirement of this scenario was to increase the responsiveness of network applications at other branch offices. These applications may use applications layer protocols that run over TCP/IP, such as SMB and HTTP, to access resources at different locations. The SMB protocol is used for file sharing and other processes. Objective: Configuring Access to Resources Sub-Objective: Configure BranchCache References: TechNet > TechNet Library > Windows > Windows 7 > Windows Technical Library Roadmap > Product Evaluation > Windows 7 and Windows Server 2008 R2 > BranchCache TechNet > TechNet Library> Windows > Windows 7 > Windows Technical Library Roadmap > Product Evaluation > BranchCache Early Adopter > Client Configuration

You have a Windows 7 computer that runs a critical application. The computer has a battery backup for use in case the computer loses power. You want to ensure that you have the highest disk data transfer performance possible. What should you configure on your computer?

On the device Properties page, check Turn off Windows write-cache buffer flushing on the device on the Policies tab. Explanation: You should check Turn off Windows write-cache buffer flushing on the device on the Policies tab of the disk device Properties page. The Enable write caching on the device setting is configured by default as a write caching policy. This setting allows write caching on the device. If you also enable the Turn off Windows write-cache buffer flushing on the device setting, disk performance can be further improved. However, your computer should have a redundant power supply or a backup power supply to be protected against power outages that might cause data loss. You should not enable Quick removal on the Policies tab of the device properties. This option will disable write caching, and will actually decrease performance. You should not change the Write debugging information to (none) on the Startup and Recovery setting of the system Properties page. When this setting is enabled, it will create a memory dump when a kernel error occurs. Configuring the setting not to create a memory dump will not increase performance. You should not choose Rebuild in the Advanced Options pane of the Index Options applet in Control Panel. This should be used to fix index problems such as slow searches of files or e-mails. This setting will not help improve data transfer. Objective: Monitoring and Maintaining Systems that Run Windows 7 Sub-Objective: Configure performance settings References: Windows Reference > Enable Disk Write Caching to improve performance in Windows 7 & Windows Server 2008

You are the administrator of a branch office of the Verigon Corporation. You want to ensure that all Windows 7 computers in your branch office meet the corporate health policy requirements. What should you configure on the Windows 7 computers? (Choose three. Each correct answer is part of the solution.)

Set the Network Access Protection Agent service to Automatic on the Windows 7 computers Run net start "Network Access Protection Agent" on the Windows 7 computers Run netsh nap client set enforcement ID = 79617 Admin = "ENABLE" on the Windows 7 computers Explanation: You should do the following to configure the Windows 7 computers to be Network Access Protection (NAP) clients: Set the Network Access Protection Agent service to Automatic on the Windows 7 computers Run net start "Network Access Protection Agent" on the Windows 7 computers Run netsh nap client set enforcement ID = 79617 Admin = "ENABLE" on the Windows 7 computers You must have the Network Access Protection Agent service configured to Automatic. The default setting for this service is to be set at manual. You can configure the startup value for this service and any other services in a Group Policy Object. You should also start the service. You can use the net start command to start a service. You can use the napclcfg.msc to configure which enforcement clients will be enabled on the computer. The following graphic shows the DHCP Quarantine Enforcement Client to be enabled. This enforcement client is required to ensure that clients meet the health policy requirements before acquiring an IPv4 address. You can also enable the DHCP Quarantine Enforcement client by using the command netsh nap client set enforcement ID = "#####" Admin = "ENABLE". In this scenario, the ID for the DHCP Quarantine Enforcement client is 79617. You should not run netsh winsock reset on the Windows 7 computers. This command resets the Winsock catalog back to default setting or clean state. This command is useful this in solving Internet access or networking problems after trying all other suggestions. This command will not ensure that Windows 7 computers meet the corporate health policy requirements. You should not start the DHCP Client service or set the service to Automatic. This service is already set to start automatically by the default and does not need to be started. Objective: Configuring Mobile Computing Sub-Objective: Configure remote connections References: TechNet > TechNet Library > Windows > Windows Server > Windows Server 2008 and Windows Server 2008 RC > Windows Server 2008 R2 Content By Category > Installed Help for Windows Server R2 > Network Policy and Access Services > NAP Client Configuration > NAP Client Configuration Overview The Lazy Admin > Configuring the Vista NAP Client http://maximumpcguides.com/windows-7/what-is-the-network-access-protection-agent-napagent-service/

The network adapter in your computer has failed, so you have bought a new network adapter for your computer. The computer has Windows 7 Professional edition installed. The network adapter is the same model as the previous adapter and uses the same .sys driver file. You install the adapter and restart the operating system, but the adapter does not connect you to the network. What should you do to fix the problem?

Update the driver Explanation: You should update the device driver. The network adapter may use the same driver name, but the driver may be a different version. You can update a device driver by opening the properties window of the driver in Device Manager and choosing Update Driver. You should not need to enable the device. When you install a device that uses the same driver file, the device will be enabled. In this scenario, the driver is not the correct version. The adapter will display in Device Manager, but will have conflicts that may prevent the device from working. You should not roll back the device driver. You can roll back a device driver to get to a previous version of the driver. A newer version of the same adapter would more than likely use a newer version of the driver. You should not uninstall the driver. Uninstalling the driver will not solve the problem. When the computer is restarted, the driver will be reinstalled because of the plug and play nature of the device. Objective: Configuring Hardware and Applications Sub-Objective: Configure devices References: TechNet > TechNet Library > Windows > Windows Server 2008 and Windows Server 2008 R2 > Windows Server 2008 R2 Content by Category > Installed Help for Windows Server 2008 R2 > Device Management and Installation > Device Manager > Installing Devices and their Drivers > Update or Change a Device Driver PC Support > "How Do I Update Drivers in Windows?" eHow > How to Update Any Device Driver

You are an administrator for a startup company. Several of the company's sales people use their own laptops. A salesperson wants to be able to print sales orders to the printer in her home office or the printer in the satellite office without changing the printer in the software application. The salespersons laptop has Microsoft Office 2007, Windows 7 Home Premium edition and seven printers defined. What should you tell the salesperson to do?

Upgrade to Windows 7 Ultimate. Explanation: She should upgrade to the Windows 7 Ultimate version. The Ultimate edition and Professional edition of Windows 7 has Location-Aware printing as a feature. Location-Aware printing remembers which network and printer that you used. When you change networks, Windows 7 automatically changes the default printer to the printer that you used on that network. You must specify that the appropriate printer in each office is set as the default printer. Location-Aware printing allows you to have a different default printer for each network. Each location must have a default printer. You can manage the default printers in Devices and Printers. You should configure the Change my default printer when I change networks to ensure that each office will have the appropriate default printer. For a wireless network to appear in the Manage Default Printers dialog box, you must have previously connected to it. You do not have to have IPv6 enabled on the laptop to use Location-Aware printing. Location-Aware printing is not dependent on IPv6. You do not have to have Reliable Multicast Protocol (RMTP) enabled on the laptop. RMTP is a reliable multicast transport protocol that provides sequenced, lossless delivery of a data stream from one sender to a group of receivers. Location-Aware printing is not dependent on Reliable Multicast Protocol. Objective: Configuring Network Connectivity Sub-Objective: Configure networking settings References: Windows > Products > Windows 7 features > Location-Aware Printing The I.T Massive > Windows 7 Features: Location-Aware Printing

You recently received several computers from a branch office. You want to install Windows 7 on the computers without losing word documents or spreadsheets stored on the computer or the existing software settings. The computers have the following specification: •1 GHz processor (64-bit) •1 GB RAM for a 32-bit processor / 2 GB RAM for a 64-bit processor •30 GB of available disk space •Support for DirectX 9 graphics processor with WDDM 1.0 •A DVD-R/W drive •Windows XP SP3 What should you do before installing Windows 7 on the computer if you want to retain all files, settings, and programs already on the computers?

Upgrade to Windows Vista SP1 Explanation: You should upgrade the computers to Windows Vista SP1. You cannot perform an in-place upgrade from Windows XP SP3 to Windows 7. You can upgrade the Windows XP SP3 operating system to Windows Vista to retain all files, settings, and programs. After installing SP1 on the Windows Vista operating system, you can perform an in-place upgrade from Windows Vista SP1 to Windows 7 to retain the files, settings, and programs that were originally on the Windows XP SP3 computers. You do not have to add more RAM to the computers or add larger hard drives. The following lists the minimal requirements for Windows 7: •1 GHz processor (32- or 64-bit) •1 GB RAM for a 32-bit processor / 2 GB RAM for a 64-bit processor •16 GB of available disk space for a 32-bit processor and 20 GB of available disk space for a 64-bit processor •Support for DirectX 9 graphics processor with WDDM 1.0 or higher driver. •A DVD-R/W drive or a USB flash drive with at least a 4GB capacity. In this scenario, the 1 GHz processor is sufficient to run Windows 7. The 30 GB drive should be able to accommodate a new installation of Windows 7 and the upgrade to Windows Vista from Windows XP SP3. You can use the migsetup.exe file in the \Support\Migwiz directory on the Windows 7 DVD to start the Easy Transfer Wizard. Since there is no in-place upgrade for Windows XP to Windows 7, you can use the Easy Transfer Wizard to transfer all Desktop items, shared documents, shared music, shared pictures, shared videos, program settings, Windows settings, and other files to an external hard drive, USB flash drive, or network drive. After installing Windows 7 on the computer, you can use the Easy Transfer Wizard to copy files and settings to the new operating system. You can also use the User State Migration Tool (USMT) to copy files and user accounts to the new operating system after you have installed Windows 7. When you install Windows 7 on a computer, a \WINDOWS.OLD directory will be created that contains all user accounts and documents from the previous operating system. USMT can be used to transfer accounts and files from the \WINDOWS.OLD directory. You should not run gbunicnv.exe in the \Support\Tools to save all files, settings, and programs. This file is used to convert GB18030 plain text and HTML files to unicode and vice versa. Objective: Installing, Upgrading, and Migrating to Windows 7 Sub-Objective: Upgrade to Windows 7 from previous versions of Windows References: TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Deployment > Step-by-Step: Windows 7 Upgrade and Migration Microsoft > Products > Windows > Windows 7 > Windows 7 system requirements Windows 7 - Lifehacker's Guide to Upgrading to Windows 7 RC Softpedia > Vista SP1 to Windows 7 Upgrade

You are the desktop support technician of the Verigon Corporation. The client computers on the network run Windows 7. You create two digitally signed .VBS scripts and place them in a shared folder named \\Server1\SecureScripts on the verigon.com domain. You want to ensure that users in the verigon.com domain are able to run only the two .VBS scripts in the shared folder. You do not want any other scripts in the folder to be run. You want to prevent users from running any modified or new version of the existing scripts at this time. You will allow users to run the other scripts from this shared folder in the future, once all bugs are fixed in the other scripts. What should you do? (Choose two. Each correct answer is part of the solution.)

Use AppLocker to create a script rule with the Action set to Deny Domain Users. Specify the path of \\Server1\SecureScripts and add a file hash exception for the two .VBS scripts. Explanation: You should use AppLocker to create a script rule that has the Action to Deny Domain Users and specify the path of \\Server1\SecureScripts and add a file hash exception for the two .VBS scripts. In Windows 7 and Windows 2008 Server R2 you can use AppLocker define rules for executables, Windows installer files, and scripts. In this scenario, you only want the users to be able to run two scripts in a shared folder. You do not want them to run the other scripts in the folder. You can create a script rule that defines the path of \\Server1\SecureScripts and specify that all domain users are denied. This action will deny all domain users to the folder. In order for users to access anything in that folder, you must specify an exception. You can specify an exception by publisher, path, or file hash. •Path - specify a path that may be excluded from a rule •Publisher - specify publishing conditions including Publisher, Publisher Name, File Name, File Version, or custom values. •File Hash - specify the file based on the file's hash. You cannot use a File Hash exception on a File Hash rule. A file hash exception would allow the users to execute only the specific version of the two files based on their hash. If the files were modified or copied over, the files would have a different hash. You should not create a script rule that has the Action to Allow domain users, because this will allow all of the domain users to execute the .VBS scripts. You should not specify the path for \\Server1\SecureScripts and add a publisher exception for the two .VBS scripts. A publisher exception will not take into account whether the scripts were modified. You must use a file hash exception for that. You should not create a path rule, type *.VBS in the Path field, and select the Basic User option in the Security level droplist. In this scenario, you want to ensure that users are able to execute two scripts in the SecureScripts folder. Selecting the Basic User security level for the path rule that specifies *.VBS, will allow users to run all the .VBS scripts as a standard user. You should not create a path rule, type \\Server1\SecureScripts\*.VBS in the Path field, and select the Disallowed option in the Security level droplist. This path rule will prevent users from executing scripts located in the SecureScripts folder. In this scenario, you want to ensure that users are able to execute scripts two in the SecureScripts folder. Objective: Configuring Hardware and Applications Sub-Objective: Configure application restrictions References: TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Security and Protection > AppLocker Step-By-Step Guide > What Is Applocker? Redmondmag.com > AppLocker Reins in Applications Windows Vista TechCenter > Reference > Security and Protection > Windows Vista: Using Software Restriction Policies to Protect Against Unauthorized Software Windows Server TechCenter > Windows Server 2003 Technical Library > Windows Server 2003: Product Help > Windows Server 2003 Product Help > Security > Software Restriction Policies > Software Restriction Policies How To... > Create a path rule BETA - Planning and Deploying Windows AppLocker Policies.pdf

You have a Windows 7 computer. You use your Web browser to connect to a partner's Web site. The partner's Web site requires a user account and password. You automatically logon to the partner's Web site without being prompted. After 42 days, you receive the following error from the partner's Web site: "User account or password is invalid" What should you do to fix the problem?

Use Credential Manager to update your (missing picture # 2) Use Credential Manager to update your password for the URL for the Web site. Explanation: You should use Credential Manager to update your password for the URL for the Web site. Credential Manager can manage Windows credentials, certificate-based credentials and generic credentials. In this scenario, a generic credential for an Internet address may have been used by the partner company's Web site. A certificate-based credential could have also been used by the partner company's Web site. You can use Credential Manager to store credentials you use to log on to Web sites or computers. With a stored credential, a user can automatically logon to Web sites or computers without being prompted. In this scenario, the partner's Web site has either expired your account or the password for your account has expired. You can use Credential Manager to update your password for the Web site. You should not delete the temporary Internet files in Internet Explorer. The temporary Internet files of Internet Explorer contain copies of webpages, images and media that are saved for quick viewing. The problem in this case is that your password for your account has expired. Deleting temporary Internet files in Internet Explorer will not fix this problem. You should not enable SmartScreen Filter in Internet Explorer. The SmartScreen Filter in Internet Explorer 8 replaces the Phishing Filter in Internet Explorer 7. This filter is used to determine if a Web site is spoofed and may be used in a phishing scam or may contain threats to your computer. Although it may be a good idea to turn on SmartScreen Filter, it will not stop cookies, temporary internet files or history from being stored on the workstation and it will not fix this problem. You should not open the Web site using InPrivate Filtering. InPrivate Filtering helps prevent cookies, temporary internet files or history from being stored on the workstation. Any toolbars and extensions are disabled with inPrivate Filtering. In this scenario, the partner's Web site has either expired your account or the password for your account has expired. InPrivate Filtering will not fix this problem. Objective: Configuring Access to Resources Sub-Objective: Configure authentication and authorization References: Credential Manager in Windows 7

You have installed an application from a vendor. The application is behaving abnormally. The vendor tech support hotline has recommended that you repair the application. What must you do?

Use Programs and Features in Control Panel Explanation: You should use Programs and Features in Control Panel. The Programs and Features applet allows you to see what applications have been installed, what updates have been installed, and what Windows features have been turned on or off. It also allows you to uninstall, change, or repair an application, or activate or deactivate Windows features. You should not use the Recovery applet in Control Panel. This applet will allow you to restore the computer from to an earlier point in time via a system restore point. This applet will not let you repair the application. You should not use Performance Information and Tools in Control Panel. This applet allows you to adjust visual effects, indexing options, and power settings, as well as other performance tools. This applet will not let you repair the application. You should not use Troubleshooting in Control Panel. This applet is designed to help you troubleshoot programs that need to run in an earlier version of Windows. This applet can also troubleshoot hardware, sound, system, and security issues. This applet will not let you repair the application. Objective: Monitoring and Maintaining Systems that Run Windows 7 Sub-Objective: Configure performance settings References: Microsoft.com > Windows 7 > Help & How-to home > Getting Started > Using Windows 7 > Uninstalling programs: frequently asked questions

You are the administrator for the Verigon Corporation. You have a startup problem with a Windows 7 computer. You want to do the following to troubleshoot the problem: •Capture information from the startup process in a text file •Display all the drivers that are being loaded during the startup process What should you do?

Use System Configuration to set Boot Log and OS boot information Explanation: You should use the System Configuration utility to set the Boot Log option and the OS boot information option. The msconfig.exe command loads the System Configuration utility. You can use this utility to perform a diagnostic startup to load basic devices and services only. You can specify different boot options for an operating system disable services, and choose to uncheck programs that on the startup tab to prevent the program from starting when you log in. The Boot Log option creates a file named Ntbtlog.txt in the %SystemRoot% folder that stores information from the startup process. The OS boot information option displays the names of the drivers as they are started on the screen during the booting process. You should not set the No GUI boot option. This option will prevent the Windows Welcome screen from displaying during the boot process. It will not display the names of the drivers as they are started on the screen during the booting process. You should not choose any of the options in Startup and Recovery. These options are used to create a memory dump file to diagnose problems. A memory dump will not display the names of the drivers as they are started on the screen during the booting process, or create a text file that has all the drivers that are being loaded during the startup process. Objective: Configuring Hardware and Applications Sub-Objective: Configure application restrictions References: The Windows Forum > Windows Help Forum > Windows Discussions > Windows Tips, Tutorials & Articles > MSCONFIG : The System Configuration Tool

You are the administrator for the Verigon Corporation. The U.S. branch has offices in five cities. You have a Windows 7 computer named WIN7C in Site 3. Click the Exhibit(s) button to view the network diagram. WIN7C runs an application that must securely connect to a Windows Server 2008 application server named SRV2K8 in Site1. You want to create an IPSec-based connection between WIN7C and SRV2K8. What should you configure?

Use Windows Firewall with Advanced Security to create a security rule between the IP address of WIN7C and SRV2K8 Explanation: You should use Windows Firewall with Advanced Security to create a security rule between the IP address of WIN7C and SRV2K8. In Windows Vista, Windows 7, and Windows Server 2008, you can use Windows Firewall with Advanced Security to create security rules for IPSec-based connections between Windows Vista, Windows 7, and Windows Server 2008 computers. You can specify IPSec tunneling between two endpoints in a Connection Security Rule. The Connection Security Rule can use an IPv6 or IPv4 address for the endpoints. All other choices are incorrect because none of the choices will allow you to create an IPSec-based policy. Windows Defender is used by Windows Vista and Windows 7 to protect against spyware and malware. An application control policy uses AppLocker to provide application rule enforcement for executable files, Windows installer files, and script files. Software Restriction Policies can restrict software from being loaded on your computer based on a signed certificate, the hash of the file, the network zone in which the file is downloaded from, or the path to which the file is installed. Objective: Configuring Network Connectivity Sub-Objective: Configure Windows Firewall References: Microsoft Help and Support > Security rules for Windows Firewall and for IPsec-based connections in Windows Vista and in Windows Server 2008 TechNet > TechNet Library > Windows > Windows Server > Windows Server 2008 > Windows Server Content by Category > Windows Server 2008 Content by Category > Installed Help > Networking > Windows Firewall with Advanced Security

You work for the Verigon Corporation. All computers have Windows Vista and have a company application used by all employees. You have begun a long-term project to replace the application with a new one and you do not want to further develop the existing application. You plan to replace all client computers with new computers that have Windows 7. What should you do to resolve compatibility issues with Windows 7?

Use a shim Explanation: You should use shims for compatibility mitigation. Shims, also referred to as compatibility fixes, are bits of code that try to alleviate compatibility problems by using "workarounds" instead of directly fixing the problem. For example, an application that works in Windows XP may not work in Windows Vista or Windows 7 because the application may need to run with administrator rights. In Windows Vista or Windows 7, a user in standard user mode does not have administrator rights. In Windows XP, the application may assume that the user has administrator rights. If the compatibility setting of Run this program as an administrator does not work, you can use a shim to either fool the application that the user has administrator rights or trick the application into by passing the test for administrator rights. The shim can prevent the application from being rewritten. The shim can have the application run in standard user mode so that security is not compromised. In this scenario, the application can be rewritten, but the company's policy is to replace the application with a new application. The shim can allow a temporary fix until the new application is available. You should not add the application in Default Programs and associate it with a file type. Making a program a default for a file type allows you to ensure that the program will be called when you click on the appropriate file type. This action will not alleviate any compatibility issues between the application and the operating system version. You should not have to add the program into the Allowed Items list in Windows Defender. Windows Defender is used to protect against spyware and other unwanted software. Adding a file or program into the Allowed Items list in Windows Defender will bypass monitoring on the file. This action will not alleviate any compatibility issues between the application and the operating system version. You should not add a Data Execution Prevention (DEP) for the program. A DEP is used to determine if software is running malicious code. A DEP protects against damage from malware or viruses. If this is the case, the DEP will close the program and send a warning message. In this scenario, the program is not compatible with the new operating system. A DEP will not fix application compatibility problems. Objective: Configuring Hardware and Applications Sub-Objective: Configure application compatibility References: TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Deployment > Managing Shims in an Enterprise > Deciding When to Use Shims as a Compatibility Mitigation TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Deployment > Microsoft Application Compatibility Toolkit (ACT) Version 5.5 > Using the Application Compatibility Toolkit (ACT) > Phase 3: Testing and Mitigating Your Compatibility Issues > Development Tools > Compatibility Administrator Tool > Managing Application-Compatibility Fixes and Custom Fix Databases

You are the administrator for the Verigon Corporation. Your company uses a proprietary audio recording application called HitMaker. The application was installed on several computers that run Windows 2000 Professional, but your company has replaced the Windows 2000 Professional computers with new computers that have Windows 7 installed. You install the HitMaker application on the Windows 7 computers and set the application to run in Compatibility mode. Click the Exhibit(s) button to see the Compatibility settings. The proprietary application does not work properly. When you contact the vendor for support, you discover that the company is no longer in business. What should you do?

Use a shim to mitigate compatibility issues Explanation: You should use a shim as a compatibility mitigation. Shims, also referred to as compatibility fixes, are bits of code that try to alleviate compatibility problems by using "workarounds" instead of directly fixing the problem. For example, an application that works in Windows XP may not work in Windows Vista or Windows 7 because the application may need to run with administrator rights. In Windows XP, the application may assume that the user has administrator rights. In Windows Vista or Windows 7, a user logged in as a standard user does not have administrator rights. If the compatibility setting of Run this program as an administrator does not work, you can use a shim to either fool the application that the user has administrator rights or trick the application into bypassing the test for administrator rights. In this scenario, the application cannot be re-written or upgraded because the manufacturer no longer exists. The shim can prevent the need to rewrite the application. The shim can have the application run in standard user mode, so that security is not compromised. You should not add a Data Execution Prevention (DEP) for the program. A DEP is used to determine if software is running malicious code. A DEP protects against damage from malware or viruses. If this is the case, the DEP will close the program and send a warning message. In this scenario, the program is not compatible with the new operating system. A DEP will not fix application compatibility problems. You should not set the Performance Options for Background Services. In the Performance Options tab under the System Properties window, you can choose Background Services or Programs. The Background Services option assigns equal amounts of processor resources to all applications and services. The Programs option assigns more processor resources to the foreground programs than background programs. Neither of the Performance Options will resolve the compatibility issue of the application with Windows 7. Objective: Configuring Hardware and Applications Sub-Objective: Configure application compatibility References: TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Deployment > Managing Shims in an Enterprise > Deciding When to Use Shims as a Compatibility Mitigation TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Deployment > Microsoft Application Compatibility Toolkit (ACT) Version 5.5 > Using the Application Compatibility Toolkit (ACT) > Phase 3: Testing and Mitigating Your Compatibility Issues > Development Tools > Compatibility Administrator Tool > Managing Application-Compatibility Fixes and Custom Fix Databases

You have a computer that is running the Windows 7 operating system. There is an application that uses a database on the computer. The current disks attached to the computer are configured as follows: You have the following requirements: You want to speed up access to the database. You want to speed up the query time of the database. You want to speed up the time it takes to perform large updates to the database. You want to be able add disk space if the database grows too large. To accomplish this, you plan to place the database on a separate drive and add three additional drives to the computer. What type of hardware solution should you configure? (Choose two.)

Use the additional drives to create a striped volume Use diskpart.exe to convert the disks to dynamic disks Explanation: You should use diskpart.exe to convert the disks to dynamic disks and then use the additional drives to create a striped volume. Dynamic disks are required for striped volumes. A striped volume will improve disk reads and disk writes, which could help speed up the query time of the database. However, a striped volume will not offer any fault tolerance in case of disk failure. A striped volume consists of at least two disks. With striped volumes, data is striped across multiple disks. Disk writes are improved because data is uniformly written across multiple disks, and reads are improved are because there are multiple read-write heads from the different disks querying the data on the different disks. A striped volume is sometimes called a RAID-0 volume. You can use diskpart.exe or the Disk Management snap-in to create a striped volume. The following sequence of steps creates a striped volume across Disk 1, Disk 2, Disk 3, and Disk 4 that have 250 GB free on each drive. The total volume size of the striped volume will be 1 TB. Open an administrator command prompt and type diskpart. At the diskpart prompt, type list disk to display the number of disks that you want to use to create a striped volume. At the diskpart prompt, type create volume stripe size=25000 disk=1,2,3,4. You should not use the additional drives to create a RAID-5 volume. A RAID-5 volume consists of at least three disks. RAID 5 stripes data across the volume with parity bits. A RAID-5 volume will provide fault tolerance if one of the drives in the volume fails because the parity bits are used to rebuild the missing data on the failed drive. A RAID-5 can improve disk reads, but will not improve disk writes because of the writing of parity bits. The improvement in disk reads can help speed up the query time of the database, but a RAID-5 will not offer an improvement with the large updates to the database. You can also add disks to a RAID-5 volume to increase the amount of disk space available. You cannot configure a RAID-5 volume with the Windows 7 operating system, also known as a "software RAID", but you can use a hardware solution to configure the RAID-5 volume. With a hardware solution, the RAID-5 volume is configured independently of the operating system. The operating system only sees the RAID-5 volume as a single disk because the hardware, not the operating system, will manage the parity bits. You should not the additional drives to create a mirrored volume, sometimes called a RAID-1 volume. Although a RAID-1 volume will allow fault tolerance of the drive, a RAID-1 volume will not improve drive reads as much as a RAID-0 or RAID-5 drive. In the scenario, you wanted to improve the query time of the database, which requires reads to the disk. You should not create a spanned volume across the disks. A spanned volume will take advantage of disk space on different disks. However, a spanned volume will not improve reads better than a RAID-1, RAID-0, or RAID-5 volume. A spanned volume will not offer any fault tolerance in case of disk failure. You cannot use convert.exe to convert the disks to dynamic disks or to GPT disks. The convert command is used to convert a FAT volume to NTFS. You should not convert the disks to GPT disks. GPT drives use a GUID partition table (GPT) disk partitioning system. GPT drives can support up to 128 primary partitions and can go beyond the 2TB size. GPT disks will not display in a 32-bit Windows operating system, only 64-bit Windows operating systems. You do not need to convert Basic disks to GPT disks to support striped volumes. Dynamic disks are required for striped volumes. Objective: Monitoring and Maintaining Systems that Run Windows 7 Sub-Objective: Manage disks References: TechNet > TechNet Library > Server Products and Technologies > SQL Server > SQL Server 2008 > Product Documentation > SQL Server 2008 Books Online > Database Engine > Development > Designing and Implement > Databases > Optimizing Databases > RAID Levels and SQL Server TechNet > TechNet Library > Windows Server > Windows Server 2008 and > Windows Server Content.. >Windows Server 2008 R2 Content > Installed Help for Windows Server 2 > File Services > Disk Management > Create a Striped Volume

You are the administrator of a small domain for the Verigon Corporation. A user named Josh wants to be able to restore a system image to his laptop if the drive fails in the laptop. A new system image is created every Friday at 4:30 P.M. What must Josh do BEFORE a drive failure occurs in order to restore a system image?

Use the runas command to run recdisc.exe. Specify an administrator Explanation: Josh should use the runas command to run recdisc.exe. This executable allows an administrator to create a system repair disc. Josh should specify an administrator account to run recdisk.exe. Once the system recovery disc has been created, the disc can be used to restore a system image. You should do the following to restore a system image: Ensure your computer's BIOS settings are configured to have the computer to boot from CD/DVD drive. Insert either a system repair disc or the Windows 7 installation disc. Restart the computer. If prompted, press any key to start Windows from the installation disc. Choose your language settings. Choose Repair your computer. Select the Windows installation to repair. On the System Recovery Options menu, choose System Image Recovery. Specify the path to the system image. If the system image is stored on DVDs, add the first DVD in the drive. If the system image is stored on an attachable hard drive, the hard drive should be attached before booting with system repair disc. You cannot create a system repair disc when you choose Create a system image in the Backup and Restore applet in Control Panel. This option allows an administrator to create a system image of the computer. You must choose Create a system repair disc in the Backup and Restore applet in Control Panel to create a system repair disc. You cannot use bcdboot.exe to create a system repair disc. The bcdboot.exe tool is used to copy critical boot files to the system and boot partition. It can also be used to create a new BCD store. You cannot use repair-bde.exe to create a system repair disc. The repair-bde.exe utility is a repair tool for BitLocker drive encryption. This tool is used to repair or decrypt a volume that was encrypted with BitLocker. Objective: Configuring Backup and Recovery Options Sub-Objective: Configure backup References: Windows > Help and How-to > What are the system recovery options in Windows 7 Microsoft.com > Windows 7 > Help & How-to home > Getting Started > Using Windows 7 > Create a system repair disc Microsoft TechNet > RECDISC.EXE tool (how to make it work and create a repair/recovery cd) (missing picture # 2)

You would like to create an answer file to automate the deployment of Windows 7. You want to specify Internet Explorer settings, network configuration settings and OEM customization settings. You plan to build a reference computer that will contain these settings and then duplicate the reference installation to multiple computers. The reference computer will be configured by booting the computer with the Windows 7 DVD and inserting a USB drive with an answer file named Autounattend.xml. What utility should you use to create the answer file?

Windows System Image Manager

You have a laptop that runs Windows 7 Enterprise Edition. Your laptop has multiple volumes. Your account is a member of the Administrators group and the Remote Desktop Users group. You click the Start menu and open Accessories / System Tools / Disk Defragmenter to defrag all volumes on the disk immediately.

You did not have the Task Scheduler service started You did not have the Task Scheduler service started Explanation: You must have the Task Scheduler service started in order to run the defragmentation program from the Start menu. This is not the case if you want to run Defrag.exe from the administrative command prompt. In Windows 7, you can run the following Defrag.exe command from the administrative command prompt to defrag all volumes, run the defrag program with low priority, and show fragmentation statistics: Defrag /C /V The /C parameter performs defragmentation on all volumes, and the /V parameter displays fragmentation statistics. Attempting to defrag multiple volumes in parallel would not cause the defragmenter to fail. Unlike previous versions of Windows, multiple volumes can be defragmented in parallel in Windows 7. However, you can schedule defragmentation on multiple volumes only if Task Scheduler is running. Defragmentation is not disabled by default in Windows 7. You can run it from an administrative command prompt with the Defrag.exe command, or from the Start menu if the Task Scheduler service is running. In this scenario, you do not have to be a member of the Backup Operators group. You are already a member of the Administrators group, which has all of the required permissions to perform the defragmentation operation. Objective: Monitoring and Maintaining Systems that Run Windows 7 Sub-Objective: Manage disks References: MSDN Blogs > Disk Defragmentation Background and Engineering the Windows 7 Improvements TechNet > TechNet Library > Windows > Windows Server 2008 and Windows Server 2008 R2 > Windows Server 2008 R2 Content by Category > Installed Help for Windows Server 2008 R2 > Remote Management and Scripting > Task Scheduler > Task Scheduler Overview

You are the administrator for the Verigon Corporation's Active Directory domain. All client computers run Windows 7 and all server computers run Windows Server 2008. You want to create a PowerShell script that copies the log file from an application server locally to the hard drive of a Windows 7 computer. Click the Exhibit(s) button to view the directory structure of the Windows 7 computer. You create the following script: 1: 2: # defining log destination 3: $dest ="C:\somedirectory" 4: 5: #File to copy 6: $iis ="\\10.88.16.96\temp\logs\iislog.log" 7: 8: #Performing copy operation 9: Copy-Item $iis $dest When a user on the computer executes the script, she gets the following error: Copy-Item : Access to the path 'C:\somedirectory' is denied. At line:4 char:10 + Copy-item <<<< $iis $dest + CategoryInfo : PermissionDenied: (\\10.88.16.94\temp\logs\iislog.log:FileInfo) [Copy-Item], UnauthorizedAccessException + FullyQualifiedErrorId : CopyFileInfoItemUnauthorizedAccessError,Microsoft.PowerShell.Commands.CopyItemCommand What could be the problem?

You must include New-Item $dest -type directory -force at line 7 of the of the script Explanation: You should include New-Item $dest -type directory -force after line 3 but before line 9. The PowerShell command of New-Item can be used to create a directory, file, or a PowerShell profile. The -type parameter can be a file or directory. The -force parameter is used to override the default behavior. This parameter will ensure that if you receive a message that the file already exists, the command will replace the file with the new file. The command must be run after line 3, because the command contains the variable of $dest. This variable is defined in line 3. If you run the command before line 3, the $dest variable is not defined. The option that states the user does not have permissions to the C:\somedirectory directory is incorrect. As the exhibit shows, the C:\somedirectory directory has not been created yet. You should not include new-object -comobject somedirectory -property @{navigate2="10.88.16.94"; visible = $true} at line 7 of the of the script. The new-object creates an instance of a Microsoft .NET Framework or COM object. You do not need to create a COM object, but a directory called somedirectory. Objective: Configuring Network Connectivity Sub-Objective: Configure remote management References: TechNet Home > Script Center > What Can I Do With Windows PowerShell? George Trifonov > Powershell file copy example. Copy-Item code snippet

You are a desktop support technician for a branch office of your company. All client computers run Windows 7. A printing device named LaserJet1 is connected to one of the Windows 7 computers. The printer is shared with users on the network. A user that sends a document to the printer uses the security identifier, Creator Owner, as the owner of the document on the printer. A user should be able to restart the printing of documents that the user has sent to the printer. Which of the following permissions should you grant to the Creator Owner on LaserJet1?

You should not grant any additional You should not grant any additional permission to Creator Owner. Explanation: In this scenario, you should not grant any additional permission to Creator Owner. By default, Creator Owner is granted the Manage Documents permission, which enables a user to do the following: cancel, resume, pause, restart, and reorder the documents that are sent to the printer. You can set the following printer permissions in Windows 7: •Print - Each user can manage his/her own print job. A user can print, restart, cancel or pause their own print job. •Manage Documents - Allows a user to manage all users' print jobs that are waiting in a print queue. •Manage Printers - Allows you to share, rename, delete and change preferences for a printer. This permission allows you to change the printer permissions for all users and manage the print jobs for all users. All other options are incorrect because Create Owner already has been granted the Manage Documents permission. Objective: Configuring Access to Resources Sub-Objective: Configure shared resources References: Windows Help and How-to > What are printer permissions?

You plan to install Windows 7 on several computers in your company. You have created a reference computer, captured images of your reference computer, and stored the images on the SRV1 server in the Win7Images folder. You boot a computer with the Windows PE media. You use DiskPart to create the appropriate partitions, set a partition active, and format the partitions. The drive configuration is as follows: Which commands must you run on the computer to install the Win7Image.wim image file on the computer? Choose the appropriate commands from the left and place them in the correct order. Not all commands may be used.

You should run the following commands in this order to install the Win7Image.wim image file on the computer: You must first copy the images from the shared folder on the server to the computer. In this scenario, you should copy the images to drive F: because drive C: is only 200 MB. You could map a drive letter to the server and copy the image using the drive letter, or you could use the UNC path to copy the file. The following command uses the UNC path to the Win7Image.wim image file and copies the file to the F: drive: copy \\SRV1\Win7Images\Win7Image.wim f: You must use the ImageX tool from the Windows PE media to apply the image to the drive. This tool captures, modifies, and applies installation images for deployment. The following command applies the Win7Image.wim image to the first partition on drive D: e:\imagex.exe /apply f:\Win7Image.wim 1 d: You should use the BCDboot utility to copy boot environment files to the system partition and initialize Boot Configuration Data (BCD) store. The BCDboot file is found in the \Windows\System32 folder. You should not type the bootcfg /copy \\SRV1\Win7Images\Win7Image.wim f: command. The bootcfg.exe tool is used to edit the settings stored in the boot.ini file, which is deprecated in Windows 7. The bootcfg.exe tool cannot be used to copy an image file. You should not type the e:\sysprep.exe /apply f:\Win7Image.wim 1 d: command. Sysprep prepares a computer's hard disk for disk duplication, auditing, and for automating MiniSetup. Sysprep.exe prepares images for disk duplication and allows you to copy fully installed operating systems onto similar hardware. Sysprep modifies the local computer Security ID (SID) so that it is unique to each computer. You can also use Sysprep to create a shortened GUImode setup that takes only a couple of minutes to complete, and which prompts the end user only for user-specific information, such as accepting the EULA and providing the product key, user name, and company name. Sysprep cannot apply an image to a drive. You should not type the e:\boot\efsboot.com d: command. The etfsboot.com file creates a CD boot sector for an embedded recovery CD. This file cannot be used to copy boot environment files to the system partition or to initialize the Boot Configuration Data (BCD) store. Objective: Installing, Upgrading, and Migrating to Windows 7 Sub-Objective: Perform a clean installation References: TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Deployment > Windows Automated Installation Kit for Windows 7 RC > Windows Preinstallation Phases > Phase 4: Deploying Your Windows Image > Capture and Apply Windows Images TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Deployment > Windows Automated Installation Kit for Windows 7 RC > Windows Preinstallation Phases > Phase 4: Deploying Your Windows Image > Capture and Apply Windows Images TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Deployment > Windows Automated Installation Kit for Windows 7 RC > Deployment Tools Technical Reference > ImageX Technical Reference > Windows Imaging File Format (WIM) TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Deployment > Windows Automated Installation Kit for Windows 7 RC > Deployment Tools Technical Reference > ImageX Technical Reference > Windows Imaging File Format (WIM) TechNet > TechNet Library > Windows > Windows Vista > Windows Vista Technical Library Roadmap > Deployment > Windows Automated Installation Kit (Windows AIK) > Deployment Tools Technical Reference > Command-line Tools Technical Reference > DiskPart Command-Line Options TechNet > TechNet Library > Windows > Windows Vista > Windows Vista Technical Library Roadmap > Deployment > Windows Automated Installation Kit (Windows AIK) > Deployment Tools Technical Reference > Command-line Tools Technical Reference > DiskPart Command-Line Options TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Deployment > Step-by-Step: Basic Windows Deployment for IT Professionals TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Deployment > Step-by-Step: Basic Windows Deployment for IT Professionals

You are the administrator of the Verigon Corporation. A user named Jane connects on a daily basis to an intranet site from her Windows XP workstation with her user account and a certificate. Tomorrow Jane will be receiving a new computer installed with Windows 7 and Internet Explorer 8 (IE 8). What should you do to ensure that Jane can continue to connect to the intranet site from the Windows 7 computer?

`Export the certificate from the source computer. Access the Content tab of Internet Options in IE 8 to import the certificate to the Windows 7 computer. Explanation: You should export the certificate from the source computer, which is the old workstation, and then access the Content tab of Internet Options in Internet Explorer 8 to import the certificate to the Windows 7 computer. In this scenario, the Web site is using a two-factor authentication that consists of the user account and a certificate. You must export the certificate from the source computer to a PKCS #7 file, a DER-encoded file, or a Base64-encoded file. You can then use the Certificates snap-in or Internet Explorer 8 on the destination computer to import the file. If you use Internet Explorer 8, the certificate import can be accessed from the Content tab of Internet Options. Click Certificates to open the Certificates window and choose Import. Browse to the exported certificate file and import it. You should not access the Security tab in Internet Options to import the certificate. There is no option on the Security tab to view, export, or import certificates. You must use the Content tab of Internet Explorer 8 to import a certificate. You should not add the Web address of the intranet site into the Trusted sites list in Internet Explorer 8 on the Windows 7 computer. The trusted sites zone contains Web sites that you trust. Normally these Web sites are not part of the intranet. Adding the Web site to the Trusted sites zone will not allow proper authentication to occur. You must have the client certificate for the Web site imported into the browser. You should not add the Web address of the intranet site into the Local intranet site list in Internet Explorer 8 on the Windows 7 computer. The local intranet zone is used for all Web sites found on your intranet. While you may want to add the Web site to this zone, you must first import the certificate into the browser so the proper authentication may occur. Objective: Configuring Hardware and Applications Sub-Objective: Configure Internet Explorer References: Microsoft Help and Support > How to Remove, Import, and Export Digital Certificates

You purchase a laptop from a major computer vendor that has the Windows 7 operating system installed. You are suspicious of the vendor's claim about the battery life of the laptop. You open an administrator's command prompt and type the following command: Powercfg -Energy This command performs a 60-second trace of your computer and creates a diagnostic report of power efficiency. What is the filename that of the report?

missing qu40 energy-report.html Explanation: The filename of the report is energy-report.html. You can use the PowerCfg.exe command to configure power management settings. The -energy switch can be used to create a report after observing your computer for 60 seconds. You can use the report to see what applications or devices might be causing power management problems. The report displays errors, warnings, and informational messages relating to power consumption. All other options are incorrect because they are not the default name of the report. You can specify the -output parameter with PowerCfg.exe command to specify a custom report name. Objective: Configuring Mobile Computing Sub-Objective: Configure mobility options References: TechNet > TechCenters > TechNet Magazine > Home > Tips > Windows 7 > Tip: Troubleshoot Power Management Settings in Windows 7 Blogs MSDN > Rob Margel > powercfg ENERGY - Windows 7 Power Management Reports

You have a laptop that has the Windows Vista operating system. You want to transfer files and settings to another laptop that is running the Windows 7 operating system. Which of the following methods can you use to transfer files and settings? (Choose all that apply. Each correct answer is a separate solution.)

network connection Easy Transfer cable Explanation: You can use a network connection or an Easy Transfer cable to transfer files and settings from one computer running Windows to another. Microsoft recommends using the Windows Easy Transfer wizard to for transferring files and settings. The Windows Easy Transfer wizard supports the use of a USB flash drive (UFD), a network connection, or an Easy Transfer cable. An Easy Transfer cable can be used to transfer files and settings from one computer to another by utilizing the USB ports on the source and destination computer. You cannot use a regular USB cable, serial cable, or IEEE 1284 cable to transfer files with the Windows Easy Transfer wizard. None of these cable types is supported by the Windows Easy Transfer wizard. Objective: Installing, Upgrading, and Migrating to Windows 7 Sub-Objective: Migrate user profiles References: TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Deployment > Step-by-Step Windows 7 Upgrade and Migration TechNet > TechNet Library > Windows > Windows 7 > Windows 7 Technical Library Roadmap > Deployment > Windows Automated Installation Kit for Windows 7 RC > Windows Preinstallation Phases > Phase 1: Planning Your Deployment > Preinstallation Concepts > Understanding Upgrade and Migration

You have a computer that runs the Windows 7 operating system. You have a 200 GB hard disk in your computer, but you are receiving warning messages about low disk space. You can account for about 120 GB of system data, applications, and files. You are puzzled why you are receiving a low disk space warning message. You have recently created a full backup of the disk. You run the Disk Clean tool. The low disk space warning messages go away temporarily, but reappear after a few days. What should you run from the administrator command prompt to recover space on the disk?

vssadmin resize shadowstorage /for=c: /on=c: /maxsize=60GB Explanation: You should run vssadmin resize shadowstorage /for=c: /on=c: /maxsize=60GB from an administrator command prompt to free up extra disk space. The vssadmin command can be use to manage shadow copies stored on your computer. You can use the following command to see all the restore points currently saved on the system: vssadmin list shadows You can use the following command to see how much disk space is allocated to and used by System Restore and the Shadow Copy Service: vssadmin list shadowstorage You can limit the amount of disk space that is used by shadow copy storage to 60GB by using the following command: vssadmin resize shadowstorage /for=c: /on=c: /maxsize=60GB The resize shadowstorage parameter is used to resize the amount of storage space that is used on a volume. The /maxsize parameter specifies the maximize size of the shadow copy storage on the volume. When you change the size of shadow copy storage, the operating system will delete as many restore points and previous copies as is needed, thus freeing up disk space. The files and folders that are deleted will being with the oldest. You should make sure that you make a full backup before reducing the shadow copy storage. You should not run defrag /C /H /V from an administrator command prompt. The defrag command will not free up disk space. This command will place files in a contiguous storage on the disk so that data retrieval can be sped up. The /C parameter defrags all volumes on the disk. The /H parameter runs the defrag command in normal priority instead of low priority. The /V parameter displays statistics to the screen. You should not run chkdsk /F /V /L:60GB from an administrator command prompt. The chkdsk command is used to check a disk for errors or repair errors on a disk. This command cannot be used to free up disk space on a volume. The /F parameter fixes errors on the disk. The /V parameter displays the full path name for every file on a FAT/FAT32 volume. The /L parameter changes the log size. This size on specifies kB and not GB. You should not run Storrept FileMgmt Run from an administrator command prompt. This command is used to create reports that display information on disk storage. This command will not free up disk space on a volume. Objective: Configuring Backup and Recovery Options Sub-Objective: Configure file recovery options References: PC Magazine > Controlling Shadow Copies in Vista (and Windows 7!) Tech Republic > Rein in the unbound storage appetite of Vista System Restore


Set pelajaran terkait

Ch 33 Bio 2 Study Guide/Belmont University

View Set

BUAD309 Ch. 6, chapter 11, Chapter 13, Chapter 18, HRM 360 ch.5, Buad309 Chapter 7 Exam Questions

View Set

El futuro, el condicional y los pronombres relativos (que, quien, quienes, lo que)

View Set