CIST 2411 Final Exam
A feature update includes new capabilities and improvements. What is the maximum number of days you can defer feature updates?
365
Which of the following describes a system image backup? (Select two.)
A system image backup consists of an entire volume backed up to .vhd files. A system image contains everything on the system volume, including the operating system, installed programs, drivers, and user data files.
As an added security measure, you'd like to implement network fencing using Intune for your mobile device management (MDM). Select option that best describes network fencing.
Admins can keep devices outside their corporate network from accessing enterprise resources.
You need to configure Remote Assistance on your Windows system so that invitations can only be used from computers running Windows Vista or later. Click the System Properties option you would use to do this.
Advanced
You are implementing Windows Information Policies (WIP) and would like to prompt users when they are moving sensitive company data on their devices. What WIP mode should you deploy?
Allow Overrides This mode warns employees if they are inappropriately sharing data. It won't stop them, but it will log their actions.
You have 400 Windows 10 workstations and a Windows Server Update Service (WSUS) in your office. Which option would you use to stop the workstations in your organization from using Microsoft's servers for system updates?
Allow downloads from other PCs
When do you need to use the full path to a script in order to run it in PowerShell?
Always.
Which Android enrollment options would you choose in order to keep work data and personal data separate on your Android devices?
Android Enterprise work profile.
You would like to set up an app deployment method in Intune that shows users from each department the apps they have rights to so that they can be downloaded. Which deployment method would you use?
App catalog
You have a corporate application that employees must use that includes sensitive company information, including the phone numbers and contact information of employees and clients. You want to secure the app on mobile devices so users must enter a PIN when opening and accessing the app. Which of the following would you implement to meet this objective?
App protection policy
You want to block all Samsung Android devices from accessing corporate resources in your IT environment. Which of the following would you implement?
App protection policy
Your remote users run a Universal Windows Platform (UWP) application that requires access to certain files on a network share each time it runs. What would you implement in order for your remote users to make sure that network resources are always available when they run that application?
Application trigger
As an administrator, you are configuring a compliance policy in Intune. Place the following in the correct order to properly configure this policy. Step 4
Assign the policy to one or more user groups or device groups
You are creating a new device profile. You want it to apply to all users except the domain administrators. How would you accomplish this?
Assign the profile to the AllUsers group and exclude the Domain Admins group
One of the users you support, VKumar, has just turned on File History and selected the internal D: drive as the location to which his files will be copied. By default, which directory does File History copy files from to save on the D: drive?
C:\Users\VKumar
Mandatory Profile
Can be stored locally or on the network; user cannot make setting changes.
Match
Captures system performance statistics over a period of time. Data Collector Set (DCS) Used to view the collected data from data collector set counters. Performance Monitor Reports Displays real-time visual graphs of a computer's overall performance. Performance Monitor Used to start and stop and existing collection. logman.exe
You use a Windows 10 system with File History running. Currently, File History is configured to save copies of files every hour. However, you've been assigned to work on a high-profile project, and you would like File History to save copies of files every 15 minutes. What should you do? (Select two. Each answer is part of the complete solution.)
Click Advanced settings and then set Save copies of files to Every 15 minutes In Control Panel, click System and Security > File History
You manage several Windows systems that are members of a domain. Your company uses Remote Assistance to help diagnose user desktop issues. All computers are configured to allow Remote Assistance. One day, you receive a Remote Assistance request from someone you don't know using an invitation file you created several weeks ago. What can you do to prevent this from happening again? (Select two.)
Decrease the timeout for invitation files. Require a password on invitation files.
Microsoft Defender ATP can be combined with Intune to form a robust and powerful security system for all mobile devices on the network. The organization must meet which of the following three requirements? (Select three.)
Defender ATP Requirements Licensed for Enterprise Mobility + Security Have an Intune account with Azure Active Directory Have Microsoft Defender ATP and access to the Security Portal
You need to deploy a new cloud-based Windows Intune deployment to manage mobile devices in your organization. Arrange the deployment configuration tasks in proper order on the right. Not all tasks will be used. Step 3
Define Intune policies
Using the Settings app, you have accessed Windows Update > Delivery Optimization. What function does this option provide?
Delivery Optimization provides you with Windows and Store app updates and other Microsoft products.
You are using the Services app. You have double-clicked on a service. Which tab will allow you to see the system drivers that the service uses?
Dependencies
Which Group Policy setting, when disabled, forces users to update their system before the system is shut down?
Do not display Install Updates and Shut Down option in Shut Down Windows dialog box
Android
Download the Company Portal app from Play Store on each device.
The Windows Performance Toolkit (WPT) is not included with the Windows operating system. Which steps do you need to follow to install and run the WPT? (Select two. Each answer is part of the complete solution.)
Download the Windows Assessment and Deployment Kit (ADK). Install the Microsoft .NET Framework 4.5.
How are Enterprise State Roaming (ESR) profiles different from other traditional user profiles? (Select two.)
ESR keeps corporate and personal data separate. In this manner, corporate data is always protected. ESR syncs user and app settings on their Windows 10 devices to the cloud.
You've enabled Enterprise State Roaming (ESR) in Azure AD. However, some of your Windows 10 users are calling support because some of their app and user settings are not syncing properly between their Windows 10 devices. You check all your ESR settings, and it looks to be set up correctly. What else could be causing some Windows 10 users to have problems and others not with ESR? (Choose two.)
ESR requires Windows 10 version 1151 or later The device has not been restarted since enabling ESR
You have a user remotely connecting to the corporate network from a client location. They can connect to the corporate network file server. But they cannot access files and folders they need on the client LAN in order to work on their project. What would you enable in order to allow the user to access resources on both networks while the VPN is connected?
Enable split tunneling You should choose to enable split tunneling. This would save the user time spent having to connect and disconnect the VPN.
You are supporting a Windows 10 computer that is used by three different users. The computer has the following volumes with default System Protection settings: C: (System drive with user profiles and individual user files) E: (Data files common to all users) Which option is the easiest way to protect the data on both volumes with restore points?
Enable system protection for the E: volume.
You need to be able to remotely execute commands on a Windows workstation named WS1. Which commands can be used to enable remote management on this system?
Enable-PSRemoting winrm quickconfig
You need to deploy a new cloud-based Windows Intune deployment to manage mobile devices in your organization. Arrange the deployment configuration tasks in proper order on the right. Not all tasks will be used. Step 4
Enroll mobile devices
You are an administrator that needs to implement mobile device security. Match the available security options with their descriptions.
Enterprise Mobility Management (EMM) The combination of MDM and MAM solutions in one package, like Intune. Mobile Application Management (MAM) Focuses on managing the applications on a mobile device, not the device itself. Mobile Device Management (MDM) Manages the user's device, including remotely wiping the device.
There is an app available in the Windows Store that users need to complete their day-to-day tasks. You want to deep link this app in Microsoft Intune to make it available on your Company Portal. How should you configure the app to be made available to these devices when publishing the app? (Select two.)
External link & Available install
Which of the following are types of operating system updates for Windows 10 provided by Microsoft? (Select two.)
Feature updates Quality updates
Match defs to OS
Feature updates Quality updates Quality updates Feature updates Quality updates
What are some security measures Microsoft has implemented to protect your system against users trying to use PorwerShell for malicious purposes?
File extension, script's full path, and execution policies
You are configuring file backups using Backup and Restore (Windows 7) in Control Panel on a Windows system. Which information can be included in the backup? (Select two.)
Files on user desktops Files in user Documents libraries
Which action can you take to see disk activity performance for an application running on your Windows system?
Filter by the application in Resource Monitor.
You want to see memory statistics for a specific process running on your Windows system. What do you need to do to view the working set, shareable, and private memory for the process?
Filter by the process in Resource Monitor
Which tool can you use to remotely manage a system using a graphical user interface?
Graphical Microsoft Management Console
As an administrator, you are configuring a compliance policy in Intune. Place the following in the correct order to properly configure this policy. Step 2
Identify an OS platform: iOS, Android, or Windows
When should you start monitoring system performance?
Immediately after the system is set up. Monitoring system performance is very important. You should start monitoring immediately after a system is set up in order to create a baseline that you can use for comparison later on. This allows for monitoring comparisons after the system has been in use for a while, has more hardware devices attached to it, has different applications installed on it, and so on
You manage two Windows systems named Computer 1 and Computer 2. You have configured Event Subscriptions with the default settings to forward events from these two computers to a third Windows system named Computer 3. How do you view the events from these two computers on Computer 3?
In Event Viewer, open the Forwarded Events log.
You manage a Windows system. You would like to generate a report that runs several basic tests of the operating system, Security Center, hard disk, services, and hardware devices and drivers. How can you generate a report that includes suggestions for how to improve system performance?
In Performance Monitor, run the System Diagnostics Data Collector Set.
While working with a new application on your Windows system, the application stops responding. How can you analyze the application and its associated processes to identify which processes the application is waiting on?
In Resource Monitor, analyze the wait chain for the process.
You have a computer running Windows 10. The C: drive holds all system files and is the boot volume. The D: volume holds only user data files. You want to schedule a backup that includes everything on the C: and D: drives so you could restore your entire computer if necessary. How do you configure the backup to run on Monday, Wednesday, and Friday?
In Windows Task Scheduler, create a task to run wbadmin
You need to connect to a remote Windows system using Remote Desktop. How can you copy files from your local hard drives to the remote computer with the least amount of effort?
In the Remote Desktop Connection options, edit the local devices and resources options.
You are about to give a presentation. You have connected your laptop to a multimedia projector. You are concerned about interruptions to your presentation, such as notification balloons and the screen turning black. What should you do?
In the Windows Action Center, enable the Presentation Settings option. Enable the Presentation Settings option in the Windows Action Center. When the Presentation Settings option is turned on, your laptop stays awake, and system notifications are turned off.
How should cmdlets in a PowerShell script be organized?
In the order that they should run
You want to use a USB flash drive as a system recovery drive. Which of the following steps can you use to launch the utility you must use to perform this task?
In the taskbar search field, type "Create a recovery drive". Then select the "Create a recovery drive entry in the search results."
You have been put in charge of providing a VPN solution for employees who work remotely. When these employees change locations, they lose their VPN connection. You want them to automatically reconnect if the VPN connection is lost or disconnected. Which VPN security protocol supports the VPN Reconnect functionality?
Internet Key Exchange version 2 (IKEv2) is required to use the VPN Reconnect feature.
You need to set up and pre-configure new Windows 10 devices to get them ready for use and distribution to users. Which Microsoft cloud-based tool would you use to accomplish this?
Microsoft Autopilot
Which cloud-based Microsoft modern management tool would you use to remotely restart a mobile device?
Intune
Why does virtual memory play an important role in the Windows OS?
It allows you to run more applications on the system than you have physical memory to support.
What happens when you double-click a PowerShell script file?
It opens as a Notepad file.
What are the benefits of the Indexing Service on a Windows system? (Select two.)
It searches specified locations on the system's hard disk drives and catalogs all the files and programs it finds. It makes the search process much faster.
You are evaluating Wi-Fi Direct for establishing wireless connections between Windows notebooks and mobile devices such as phones and tablets. Which of the following statements are true regarding Wi-Fi Direct? (Select two.)
It uses WPA2 security. It uses the 802.11n wireless standard.
Compulsory aka Super-Mandatory
Locked-down profile. User is required to use it and cannot make changes. If profile is unavailable, user will not be able to log on.
You have some apps that you would like to manage and secure that are not being managed by Intune. At this point in time, they are being managed by another vendor that provides enterprise mobility management (EMM). Which mobile application management (MAM) configuration would you implement?
MAM-WE, or MAM without enrollment You would implement the MAM-WE configuration because Intune is not managing the devices (without enrollment).
Which Microsoft tool would you download to help you migrate your group policies to MDM policies?
MMAT (MDM Migration Analysis Tool)
You manage a Windows system that is a member of a Workgroup. The computer is shared by three users. Each user has a standard user account. Mary is one of the three users of this computer. She wants to access the computer using a Remote Desktop connection. How do you allow Remote Desktop access for Mary while granting her the least amount of privileges possible?
Make Mary's user account a member of the Remote Desktop Users group.
As an administrator, you feel like you are in over your head with some attacks you are experiencing on your devices and network. You feel like you need some help. Which Defender ATP component would you use?
Microsoft Threat Experts This special Microsoft team works with the organization's security administrators to scan and detect vulnerabilities in their systems. They can help to remediate discovered vulnerabilities and threats.
You need to implement a wireless solution to allow Windows notebook systems to send audio and video streams to projectors so employees can give presentations. Which mobile wireless technologies can you use to do this? (Select two. Each answer is part of the complete solution.)
Miracast Wi-Fi Direct
You are researching the hardware components to assist in power management in your users' Windows 10 laptops. Choose the three most common components.
Mobile graphic cards Lower-power hard drives CPUs
Which two pieces of hardware are required to make a connection to a mobile network? (Select two.)
Modem SIM Card
How do you increase the size of the paging file on your Windows system?
Modify the Advanced system settings.
You are supporting a Windows 10 computer that has two volumes: The C: drive is the system drive with user profiles and individual user files. The D: drive holds data files common to all users. System Protection has been configured as follows: A system image backup has been created that includes both the C: and D: drives. Regular backups are scheduled to back up all user libraries. The scheduled backup includes a system image. System Restore has been used to take a snapshot. A user has edited and saved a file on the D: drive. The user doesn't like the changes and wants to revert to a previous version of the file. The user goes to the Previous Versions tab of the file and sees nothing listed. To avoid this situation in the future, you must ensure that users can revert files on the D: drive to earlier versions of the file from the Previous Versions tab. What should you do? (Select two. Each answer is a complete solution.)
Modify the backup settings in Backup and Restore to include the D: drive. Enable System Protection for the D: drive.
Your Windows 10 computer has two hard drives. The C: drive is the system drive, and the D: drive holds data files. You perform a system image backup that includes both drives using the Backup and Restore console. Your computer takes regular restore point snapshots. One day, you find that the D:\finances folder has been deleted. You check previous versions of the drive, but find nothing listed. Which action can you take to restore the folder and its contents as quickly as possible?
Mount the .vhd file in the backup and then copy the folder to the drive.
Which of the following is a characteristic of a virus?
Must be attached to a file or program to run
You have opened the System Information app, which is now displaying the System Summary. Which information can be seen from this view?
Name of the operating system, the operating system manufacturer, and system model number.
In the Windows Action Center, notifications are provided for which of the following? (Select two)
Network firewall Windows Defender
You would like to leverage services like machine learning together with cloud-based technology to provide more security for your organization. Which Defender ATP component would you implement?
Next Generation Protection Next Generation Protection includes: Real-Time Protection Cloud-Based Delivery Dedicated Updates
You need to create a recovery drive for your Windows system. To do this, you've procured a USB flash drive with the following characteristics: - USB version: 2.0 - Capacity: 4 GB Can you create a recovery drive using this device?
No. The device must be 8 GB (or larger) in size.
Use intune for management
Not using Config Manager
Which of the following types of malware are designed to scam money from the victim? (Select two.)
Scareware Ransomware
You manage a Windows 10 system, on which File History has been turned on. You want to keep all versions of your files until space on the hard drive is needed. You have used Control Panel to access File History as shown in the image. Click on the option which will let you configure the required setting.
Select "Advanced Settings"
You have just set up a new Windows 10 system. You want to be able to recover this system if a major failure occurs. With some system failures you can still boot the system and log on and then perform tasks to recover the system using a backup. Click the option you must use if you want to be able to recover from a system failure when this type of failure occurs.
Select "Set up backup" under the Backup section.
You want to use an optical disc as a system recovery drive. In the System and Security category, click the Control Panel item you must use to create a system repair disc.
Select the "Backup and Restore (Windows 7)" option.
You use a Windows 10 system with File History enabled. You've been working on the index.html file in the HTML Files folder in your Temp\HTML library. You realized this evening that you've made many erroneous changes during the day that will require a great deal of work to correct. You decide that the best option is to restore the version of this file as it was this afternoon. You've used File History to identify the version of the file you want to restore. Click the option you would use to restore version 6 of the file shown.
Select the green button with the replay arrow
Match servicing channels to description...
Semi-annual Channel Long-term Servicing Channel Windows Insider Program (WIP) Long-term Servicing Channel Semi-annual Channel Windows Insider Program (WIP)
After running the Backup and Restore console on your Windows computer, you notice that backups are not created for open files. To troubleshoot the issue, you want to confirm that the Volume Shadow Copy Service (VSS) is running and configured to start automatically when the computer boots. Which tool can you use to make sure VSS is configured to start automatically?
Services
You are setting up a cloud-based Intune deployment. You have created accounts for your users, and you have defined the policies you need to manage your organization's mobile devices. You are ready to enroll mobile devices. Which task must you perform before you can complete mobile devices enrollments?
Set Intune as your mobile device management authority
You are setting up Windows Defender ATP with Intune. Put the following steps in the order in which they must be completed.
Set up Defender ATP with Intune as follows: 1. Connect the Intune and Defender ATP systems. 2.Devices in Intune are then configured to communicate with Defender ATP. 3.Configure the security policies in Defender ATP and Intune. 4.Any devices that do not comply with the security policy are blocked.
When using the Indexing Service on your Windows system, how many directories should you typically catalog?
Only those containing data that is used often.
Install the Intune Client
Only using Config Manager
You are the desktop administrator for your company. You would like to manage the computers remotely using a tool with a graphical user interface (GUI). Which action should you take? (Select two. Each answer is a possible solution.)
Open Computer Management and connect to each remote computer. Establish a Remote Desktop connection to each computer.
You started using a new Windows server three months ago. Since that time, you have found that the system slows down and crashes from time to time. You want to look at a report that shows important events for the server since it was installed. You'd like to see when the software was installed and if there are any hardware or application failures. What is the simplest way to view this information?
Open Reliability Monitor
You have a Windows system that you would like to manage remotely. You enable Remote Desktop on the computer. While working from home, you find that your home firewall is blocking Remote Desktop. Using the port numbers assigned by default, how can you configure the firewall to allow a Remote Desktop connection to the system?
Open port 3389 in the network firewall.
You are using your Windows 10 notebook system as you travel to client sites. You are about to board an airplane and decide to switch your notebook to Airplane mode prior to boarding. How do you switch a notebook to Airplane mode? (Select two. Each answer is part of the complete solution.)
Open the Settings app and click Network & Internet. Select Airplane mode to turn wireless communications off.
You work in a branch office and use a desktop system named Comp1. A Windows server named Srv1 is located in the main office. On Srv1, you share a folder named Data using the default caching settings. You use Offline Files in the branch office to make the files in the Data share are available when the WAN link is down. On Comp1, you want to see your synchronization partners and the results of the latest synchronization. You also want to view and resolve any conflicts. What should you do?
Open the Sync Center in Control Panel.
You need to manually synchronize the offline files on your Windows system with the versions of the same files stored on a network share. What should you do?
Open the Sync Center. Although files are automatically synchronized when a system comes online, files might not be continuously synchronized. To force a synchronization, use the Sync Center. You can also right-click the shared folder or file in File Explorer and click Sync > Sync Selected Offline Files. To open the Sync Center, open Control Panel. Type Sync Center into the search field and press Enter.
As an administrator, you would like your users to initiate the enrollment of their Windows 10 devices into Intune. Which of the following can users choose to accomplish this task? (Select four.)
Perform an Azure AD join during OOBE (Out of Box Experience) Add a work or school account Enroll in MDM only Use Windows Autopilot
There's a tool designed to collect data. It allows you to specify which counters you want to collect data for by clicking on the plus sign and adding the counters you want. What's the name of this tool?
Performance Monitor
You want to enable Data Execution Protection (DEP) for all programs and services on your Windows system. Click the option you would use in System Properties to configure this function.
Performance settings
You have a computer running Windows 10. You have just enabled Remote Desktop on the computer so you can connect to it using a low-speed broadband connection from home and run a few reports. You need to optimize the performance of your Remote Desktop session for your slow connection. Select the Experience setting(s) that will optimize performance.
Persistent bitmap caching
There are several methods to enroll devices depending on ownership, platform, or management requirements. Match each of the items on the left with the appropriate group name on the right Ownership
Personal or corporate
You have been having trouble with your Windows notebook system crashing. The support technician wants you to send him a memory dump that occurred when the computer crashed. You find that the computer did not create the memory dump file. How can you configure the system to create a memory dump file the next time it crashes?
Place the paging file on the system drive.
You are a new system administrator, and your company has just mandated that users need to work from home and connect to files and folders on the network. Which option will allow users to connect to the corporate network remotely and securely?
Set up a virtual private network (VPN) on the server side and install the client on each remote user's laptop.
As a system administrator, you manage hundreds of Windows 10 devices using Configuration Manager. Now you would like to co-manage these devices with cloud-based Azure tools. What should you do to achieve co-management?
Set up hybrid Azure Active Directory and then enroll the Windows 10 devices into Intune.
Which power plan enables your Windows notebook system to save as much battery power as possible?
Power saver power plan
You are following the life cycle of an application in Intune. You want to implement conditional access policies to limit unauthorized exposure to email and company resources. Which phase are you implementing?
Protect phase You would implement the protection phase. This deals with protecting the data in the app. There are two main methods for doing this: conditional access and app protection policies.
Mobile device management (MDM) policies using Intune are powerful and have been created to accomplish two main objectives. (Select two.)
Protect the organization's valuable data and assets Empower users to be productive wherever and whenever they want
Windows comes with a special tool called the Microsoft Management Console (MMC). What does this tool do?
Provide a consistent interface for all management tools.
You are on an airplane. You are instructed to turn off your Windows notebook system completely and immediately. You have several open windows with critical data that you cannot lose. What should you do?
Put the notebook into hibernation. Hibernation copies contents of RAM to a file on the hard disk and then shuts down completely. Hibernation uses no battery power because the device is off.
You install the drivers to connect your new music player to your Windows 10 computer. Immediately following the device installation, you get a bluescreen error. You reboot the computer, but it displays the same bluescreen and stops the boot process. What should you try first to get the computer to boot successfully?
Reboot and Repair your computer and then choose Startup Repair.
You are configuring an application trigger and split tunneling on your VPN connections for your users. Match each command with its description.
Set up the app trigger: Add-VpnConnectionTriggerApplication -Name %Name of VPN% -ApplicationID %Path to Application% Enable split tunneling:Set-VpnConnection -Name %Name of VPN% -SplitTunneling $True Set the idle disconnection time:Set-VpnConnection -Name $vpn- IdleDisconnectSeconds 5 Remove auto-trigger from a VPN connection:Remove-VpnConnectionTriggerApplication -Name $vpn -ApplicationID $app Confirm auto-trigger settings:Get-VpnConnectionTrigger -Name $vpn
You are the Windows desktop administrator for your company. You would like to manage your computers remotely using the Windows Remote Shell. You need to enable remote management on each target computer. What should you do?
Run winrm quickconfig
Once a user is connected to a Wi-Fi network, Windows 10 saves all the information to a Wi-Fi profile. Which of the following settings are saved? (Select three.)
SSID Security settings Password
Where can you find the Windows Update settings in Windows 10?
Settings > Update and Security > Windows Update
Which path would you use to uninstall an update that was automatically installed by Windows Update.
Settings > Update n Security > View Update History > Uninstall Updates
A user keeps attempting to open a text file. All that happens is a Command Prompt window flashes on screen and then disappears. Which of the following actions will help you determine the cause of this issue?
Show full file extensions
You are troubleshooting a problem that keeps occurring on your Windows system. When the problem happens, there are several Warning and Error events logged to the Application log in Event Viewer. You create a Custom View that shows only Warning and Error events. During troubleshooting, you filter the Custom View to show only the Error messages. How can you create a new Custom View using the current filter settings?
Save the filter to a Custom View.
Wireless networks can also be managed using the Network Shell (Netsh) command line utility. Match the appropriate command with its description.
Shows the list of wireless profiles. netsh wlan show profiles Retrieves the stored key (password) or a wireless network. netsh wlan show profiles name=[profile name] key=clear Deletes a wireless profile. netsh wlan delete profile name=[profile name] Shows all supported capabilities of the wireless adapter. netsh wlan show wirelesscapabilities
You need to deploy a new cloud-based Windows Intune deployment to manage mobile devices in your organization. Arrange the deployment configuration tasks in proper order on the right. Not all tasks will be used. Step1
Sign up for an Intune account.
Once a piece of malware is detected and reverse-engineered, its unique characteristics are identified. Anti-malware programs use these characteristics to identify malware. What do anti-malware programs call these unique characteristics of malware?
Signature
You are creating an app protection policy. You must choose a Windows Information Protection (WIP) mode. You would like to allow users to relocate data away from protected apps and log when this is done. Which mode should you use?
Silent You should use the Silent mode. This allows your users to relocate data away from protected apps while letting you know when this happens. Allow Overrides prompts the user when relocating data from a protected app to a non-protected app. The action is logged if the user overrides this prompt. Block will block all enterprise data from leaving protected apps. Off also allows the user to relocate data away from a protected app, but it does not log the action.
You are publishing a line of business desktop app in Microsoft Intune that you want deployed to the Intune Company Portal. You want to allow users to install it if they need it. The app is intended to be installed on Windows 10 desktop and notebook managed devices. How should the app be added to be deployed to these devices?
Software installer .MSI You would choose Software installer with an .MSI file. This option is used to publish a traditional desktop application to a managed desktop or notebook system.
What data on a Windows system is monitored to create the reliability and problem history chart in Reliability Monitor (select two.)
Software installs/uninstalls System memory failures
You have a Windows 10 computer configured with volumes C: and D:. You want to schedule backup jobs of the C: volume to include all user files on the C: volume as well as creating a system image of the C: volume. How do you configure the backup job and the schedule with a minimal amount of effort?
Use the Backup and Restore (Windows 7) console.
Your Windows 10 computer has the following drives: C: (System drive with user profiles) E: (Data files) F: (External USB hard drive) You enable system protection on the C: drive. You also schedule regular backups with the following settings: Back up all user libraries Back up the C: and E: drives Include a system image Save the backup to the F: drive Last night the E: drive crashed. How can you restore the data files found in the E: drive?
Use the Backup and Restore console to restore data from a backup.
To protect the data on your Windows 10 computer from loss or corruption, you enable system protection on all drives in your computer. You also schedule regular backups with the following settings: Back up all user libraries Back up all drives Include a system image Today, you notice that your user profile settings are corrupt. How can you restore the user profile settings with the least amount of effort?
Use the Backup and Restore console to restore the user profile from backup.
Consider the Reliability Monitor output shown below. Which status does the yellow triangle icon with an exclamation point represent?
Warning
Windows Update for Business (WUfB) lets you keep devices current with the latest security upgrades and features. Which operating system releases does WUfB support?
Windows 10
Why are many organizations implementing co-management today?
Windows 10 devices are cloud-managed while previous versions are managed using Configuration Manager.
Which of the following is true about Windows Update?
Windows 10 does not allows the user to turn security updates off using the Settings app or Control Panel. By default, each client contacts the Microsoft website for updates.
What is the tool that queues messages, checks several security and maintenance-related items, and consolidates messages and status updates for several other tools called?
Windows Action Center
What tools or services rely on Security Center to be active and running to function well? (select two.)
Windows Action Center Network Access Protection
Which cloud-based Microsoft tool would you use to reset, repurpose, and recover devices?
Windows Autopilot
You are an administrator with 550 devices to enroll into Intune. You choose to bulk enroll them. Which other software will you need to build the package necessary to bulk enroll the devices via USB or network location?
Windows Configuration Designer (WCD)
You are very concerned that employees or their applications will download sensitive data from your company's SharePoint site, network shares, and intranets using their mobile devices. Which cloud-based technology would you implement in order to encrypt that data?
Windows Information Protection (WIP)
Which of the following channels are provided by microsoft to manage deployment of updates to your Windows 10 system? (Select three).
Windows Insider Program Long-term Servicing Channel Semi-annual
Which of the following is an accurate description of the function of the Windows Performance Analyzer (WPA)?
Windows Performance Analyzer (WPA) presents trace content in the form of interactive graphs and summary tables. Windows Performance Recorder (WPR) generates Event Trace Log files for analysis. A Data Collector Set (DCS) captures system performance statistics over a period of time. Performance Monitor displays real-time visual graphs of a computer's overall performance.
You have a Windows system that you would like to manage remotely. The computer connects to the network behind a firewall that blocks all but the most common ports. Which remote management solution does not require additional firewall ports opened?
Windows Remote Shell (WinRS)
Which of the following tools can be used to troubleshoot and validate Windows updates?
Windows Server Update Service (WSUS) Windows Update Troubleshooter PowerShell
Which of the following are true about Windows Update for Business?
Windows Update for Business can be used with all versions of Windows 10 except Windows 10 Home. Windows Update for Business can be configured with Group Policy, Mobile Device Management, or Systems Center Configuration Manager. Windows Update for Business provides the latest features for your Windows 10 devices, including security upgrades.
Understanding Windows 10 power options is important as you roll out new devices in your IT enterprise and users become more mobile. Rank the six standard ACPI states in order from highest to lowest power consumption.
Working State Modern Standby Sleep Hibernate Soft off Mechanical off
You have noticed malware on your network that is spreading from computer to computer and deleting files. Which type of malware are you most likely dealing with?
Worm
You need to enable Remote Registry on your Windows desktop system. Click the Task Manager option you would use to do this.
You can use the Services tab in Task Manager to start, stop, or restart system services. In this example, you would go the Services tab, right-click the Remote Registry service, and click Start.
Before you can manage apps using Intune, which three prerequisites must be met? (Select three.)
You must meet the following three prerequisites before you can manage applications with Intune: The users must have an account in Azure Active Directory. The users must be assigned to groups in Azure Active Directory. The users' devices must be enrolled in Intune.
You need to use command line tools to prepare the default drive on a Windows system for use by BitLocker. The new system partition should be 500 MB in size and should not be assigned a drive letter. Which command should you use?
bdehdcfg -target default -size 500 The bdehdcfg -target default -size 500 command creates a system partition of 500 MB on the default drive. The new system partition is not assigned a drive letter.
iOS and MacOS
iOS devices with iOS 7 or later and Mac computers with X Mavericks 10.9 or later
There are several methods to enroll devices depending on ownership, platform, or management requirements. Match each of the items on the left with the appropriate group name on the right. Platform
iOS, Windows, or Android
What are some of the resources you can look at first when troubleshooting startup issues with your PC? (Select two.)
msconfig Task Manager
The sales reps in your organization use a VPN connection on their Windows notebook systems to access the corporate network while traveling. You are concerned that a sales rep has configured his VPN connection to automatically remember his credentials for accessing the VPN server. This violates your organization's security policy. Click the option in the VPN Connection Properties dialog you would use to disable this functionality.
options
You want to set the power scheme using the command line. Which command would you use?
powercfg
You want to set the power scheme using the command line for power management. What command would you issue in Command Prompt?
powercfg /s guid You should choose powercfg /s guid to set the power scheme.
You need to interactively access Command Prompt on a remote Windows system named WS1 from your Windows workstation. Which command should you use to do this?
psexec \\WS1 cmd
To protect your system and the data on your Windows 10 computer, you use the Backup and Restore console to create a system image backup. While working with a file, you accidentally delete some of the data. You need to restore the older version of the file, but you cannot find any previous versions of the file. What should you do? (Select two. Each answer is part of the complete solution.)
se Windows Explorer to browse to and then copy the file. Attach the .vhd file created from the Backup and Restore console.
Which of the following utilities allows you to change the startup type of a service to Automatic (Delayed)?
services.msc
Which command can be used to attempt to repair infected files?
sfc
The PowerShell command line interface (CLI) uses simple command construction. What is the typical form of a PowerShell command?
verb-noun -adverb
You have been given a USB drive that has been encrypted with BitLocker To Go. Which of the following options is required before you can access the data from this drive on a Windows 10 computer? (Select two. Each answer is a complete solutions.)
-A smart card -Correct Password
Put the steps for the suggested procedure for remediation of an infected system in the order they should be performed in.
1) Identify the symptoms 2) Quarantine the infected system 3) Disable System Restore 4) Update anti-malware definitions 5) Scan for and remove malware 6) Schedule future anti-malware scans 7) Re-enable System Restore 8) Educate the end user
You would like to utilize a device enrollment manager (DEM) Azure AD account to enroll your devices into Intune. What is the maximum number of devices a DEM account can enroll?
1,000
You would like to utilize a Device Enrollment Manager (DEM) Azure AD account to enroll your devices into Intune. What is the maximum number of devices a DEM account can enroll?
1000
You have a Windows 10 system. You have used the Settings app to access Windows update. From this location, how long can you pause updates?
7 days
What is Windows Action Center?
A central location for managing system messages and resolving issues within your system.
What is WindowsUpdate.log?
A log file that can be created and saved and can be used to locate errors or problems.
You are getting ready to implement mobile application management (MAM) in your environment. You realize that there are distinct phases of an application life cycle that your apps will take over the course of time. Put the app life cycle phases in order.
Add Deploy Configure Protect Retire
As part of the regular system maintenance on your Windows system, you are checking Performance Monitor statistics and Event Log events. You notice that there are several Error events listed with the same ID number. They also contain a description that sounds as if the error is related to system hardware. You check your Performance Monitor logs but don't notice anything unusual around the time that the events were generated. Which step must you take to get an email every time the event is logged so you can check the system statistics at that moment?
Attach a task to the event.
As an administrator, you are very concerned with network, application, device, user, and data security. You want to minimize the number of places where an attacker could compromise your devices or networks. Which Defender ATP component would you implement?
Attack Surface Reduction You should choose Attack Surface Reduction. This set of configurations are the front line of defense for any network system. These configuration include: Firewall App controls Network protection Security configurations
Your systems have been hacked! As you try to discover the extent of the breach, you realize that you need help assessing the depth of the attack and amount of damage. Which Defender ATP component would you utilize?
Automated Investigation & Remediation
You are publishing an app in Microsoft Intune that you want deployed to the Intune Company Portal. You want to allow users to decide whether they want to install it on their managed devices or not. Which type of deployment action should you configure using Intune policies?
Available for enrolled devices install You would choose Available for enrolled devices install. This deploys the app to the Intune Company Portal so that users can decide whether they want to install it on their devices or not.
You are looking for a cloud-based solution that helps you classify and protect your company's documents and emails by applying labels and rules to detect sensitive information. You want to track and control how they are used. What Azure-based technology would you implement?
Azure Information Protection policies-- These allow you to classify documents and emails so you can protect sensitive information.
You are reviewing your corporate policies for mobile device security. You want to include a policy for letting users bring their own devices (BYOD). Which of the following should be included in a robust BYOD policy? (Choose five.)
BYOD Policy All software must be kept up to date. A method to easily report lost or stolen devices immediately. A PIN or other strong device unlock method must be used. Never connect to a public Wi-Fi network. Backup and device encryption solutions.
Why is command history so useful in PowerShell?
Because it allows you to use the up arrow key to select a previously used command instead of retyping it.
You want to protect all the files on the hard drive of your Windows notebook system to prevent unauthorized access. You want to prevent access to any encrypted file on the hard drive, even if the hard drive is moved to another computer. Which feature should you implement?
BitLocker BitLocker protects unauthorized data access on lost or stolen laptops or other compromised systems. BitLocker encrypts the entire contents of the operating system partition, including operating system files, swap files, hibernation files, and all user files. A special BitLocker key is required to access the contents of the encrypted volum
You install a new graphics application on your Windows machine. During installation, the computer reboots, but hangs during startup. Pressing F8 has no effect. To fix your computer so it will start, what should you try first?
Boot from the installation disc and restore to a restore point.
You have recently made some changes to your Windows system. Things seemed to run fine for several days. Today, however, your computer has started to be unstable. Shortly after you log on on, the system crashes and hangs. Which of the following will most likely correct the problem in the least amount of time?
Boot into Safe Mode and restore to a restore point
One day while trying to start your Windows 10 system, you see the error Operating system not found displayed. Which of the following options will most likely fix the problem?
Boot into the recovery environment and run the bootrec /fixmbr command on the boot volume.
One day while trying to start your Windows 10 system, you see the following error displayed: -"Could not read from the selected boot disk. Check boot path and disk hardware." Which of the following will most likely fix the problem?
Boot into the recovery environment and then run the bootrec /rebuildbcd command
The vendor of your accounting software recently released an update that you downloaded and installed on your Windows system. Unfortunately, now your accounting software crashes when launched. Which action can you take to get your system running properly as quickly as possible without losing your accounting files? (Select two. Each answer is a possible solution.)
Boot the system from a recovery drive and click Troubleshoot > Advanced Options > System Restore
You are using a Windows 10 system to work on the schedule for a very important project. You saved your files in the Documents library of your user account. Unfortunately, malware from a malicious website has infected your system. You were able to remove the infection with anti-malware software. However, after shutting down, you discover that Windows does not boot properly. Which action can you take to get your system back up and running properly without losing your project files and while minimizing the risk of infecting other systems on the network? (Select two. Each option is part of the complete solution.)
Boot the system from a recovery drive. Click Troubleshoot > Reset this PC > Keep My Files
When you initially set up your Windows 10 system, you configured it to create regular backups. You have also kept an up-to-date system image. Recently, your system has been experiencing serious issues. At first, the system would boot and let you log on, but then it would crash within a couple minutes. You tried booting from the installation DVD, clicking the Repair your computer option, and running Startup Repair and System Restore to resolve the issue. Both of these options failed to recover your system. You want to avoid losing installed applications and data. You have again booted from the installation disc. Which of the following options should you try next?
Click Repair your computer. Click Troubleshoot. Run the System Image Recovery option.
Next You were having trouble with your Windows system, and you initiated a Remote Assistance session with a Help Desk technician. The technician has taken control of your system to perform several checks. She has now asked you to take back control of the system. What should you do? (Select two. Each answer is a complete solution.)
Click Stop sharing. Press Esc.
You use a custom application that was developed in-house. On a periodic basis, the application writes or modifies several registry entries. You want to monitor these registry keys so that you can create a report that shows their corresponding settings over the next 5 days. What should you do?
Configure a configuration data collector in Performance Monitor.
You share your Windows system with several other users. You are concerned about the amount of disk space use on the computer. What can you do to be notified by email when the used disk space exceeds 85%?
Configure a performance counter alert.
As an administrator, you are configuring a compliance policy in Intune. Place the following in the correct order to properly configure this policy. Step 3
Configure one or more settings to enforce
You use a VPN connection on your Windows desktop system to access resources on a corporate intranet. In addition to accessing the intranet resources, you need to access the internet while the VPN connection is active. How can you prevent internet traffic from going through the VPN connection?
Configure the Advanced TCP/IP Settings of the VPN connection. In Advanced TCP/IP Settings, clear the Use default gateway on remote network checkbox to disable routing of internet traffic through the VPN connection.
You would like to configure Event Subscriptions on your Windows system to forward events to a network server. You need to configure your computer as a source computer for a source-initiated subscription. Which of the following will be part of your configuration? (Select two.)
Configure the Local Security Policy to identify the FQDN of the collector computer. Run the winrm qc -q command.
You want to use BitLocker on a laptop that belongs to a domain. Your implementation should meet the following requirements: The laptop should start up without requiring a PIN or a USB device. To meet security requirements, USB support must be disabled on the laptop. The computer should automatically generate recovery keys and store them in a central location. How can you implement a solution that meets the stated requirements? (Select two. Each answer is part of the complete solution.)
Configure Group Policy to store recovery keys in Active Directory. Implement BitLocker with a TPM.
You need to deploy a new cloud-based Windows Intune deployment to manage mobile devices in your organization. Arrange the deployment configuration tasks in proper order on the right. Not all tasks will be used. Step 2
Create Intune user accounts
You are using the System Information utility, and you want to see the size of the disks installed and how much free space you have. Which option would you expand?
Components
How is conditional access a benefit of implementing co-management?
Conditional access allows you to control which devices and apps can connect to your organization.
Which of the following statements best describes Configuration Manager? (Select two.)
Configuration Manager has been around for many years and is a powerful, on-premises, traditional management tool Configuration Manager is also known as System Center Configuration Manager (SCCM)
You have just installed Windows 10 a new notebook. The notebook does not have a Trusted Platform Module (TPM) chip. You want to configure the computer to use BitLocker to protect the volume used for the operating system and all user data. What should you do? (Select two. Each correct answer is complete solution.)
Configure BitLocker to require a PIN for startup. Configure BitLocker to use a startup key on a USB drive.
You manage Windows notebook systems that are members of a domain. You have ten regional salespeople who travel extensively and use these notebooks to access company resources. The users have complained that although they can take copies of important files with them into the field, occasionally, they have been caught with out-of-date documents because no one told them the files had been updated. Additionally, some files they modify need to be distributed to all the other sales staff. What can you do to provide the needed access to these shared files?
Configure the Offline Files feature for the folder that contains these files. The Offline Files feature meets the scenario requirements. Offline Files creates locally cached copies of files stored on the server. It synchronizes changes made to the local copies.
You need to configure the following power options on your Windows notebook system when running on battery power: Put the computer to sleep after 15 minutes of idle time. Have the wireless adapter enter a strict power saving mode. Shut down the computer if you close the lid. What should you do?
Configure the advanced settings of any power plan. The combination of the requirements force you to use the advanced settings of a power plan. Enabling a default power plan does not fulfill all the requirements.
How do you configure your Windows 10 system to require all removable data drives to mount as read-only unless the device is protected with BitLocker To Go?
Configure the local Group Policy. Using the Local Group Policy Editor, enable the Deny write access to removable drives not protected by BitLocker policy in Group Policy to allow write access only to removable drives that use BitLocker.
While managing the available memory for applications on your Windows system, you discover that the paging file is set below the recommended size. Which answer is a common recommendation for setting the size of the paging file?
Configure the paging file to one and a half to two times the amount of physical RAM.
Which application would you use to include device updates with Windows Update?
Control Panel
Your Windows system has two volumes defined. The C: volume contains the Windows system and is formatted with NTFS. The D: volume is formatted with FAT32. Which action must you take to create a system image backup with the D: volume as the destination?
Convert the D: drive to NTFS
On your Windows system, you run a custom application that was developed in-house. The application generates Event Viewer events and logs those events to the default Application and the Security logs in Event Viewer. As you monitor the application, you would like to be able to do the following: View all events related to the application from a single log. View only the events related to the application and no others. View the necessary events with minimal future configuration. Save the Event Viewer configuration so that you can easily export and import the solution to other servers that will be running the application. What should you do?
Create a Custom View.
You have just installed a custom application on your Windows system. The application generates Event Viewer events and logs those events to the default Application and the Security logs in Event Viewer. You are concerned about system performance while running the application. You would like to be able to view the current statistics for the processor, memory, and disk reads and writes. You only want to see these statistics and no others, and you want to be able to easily save the configuration so that the same statistics are shown each time. What should you do?
Create a Data Collector Set in Performance Monitor. Use Data Collector Sets to define statistics to gather over time. These statistics are saved to a file. You open the file to analyze the statistics. You cannot view current statistics from a defined Data Collector Set.
You have all Windows 10 devices in your cloud-based Intune environment. You want to set up Always On VPN on each device to utilize the built-in VPN client in Windows 10. What is the fastest way for you to configure all your devices?
Create an Always On VPN configuration profile in Intune and assign it to the AllUsers group.
You are getting ready to install Windows 10 on a new laptop. You would like to configure the laptop to use BitLocker. How can you configure the laptop to start without requiring a PIN or a USB device? (Select two. Each answer is part of the complete solution.)
Create two partitions on the hard disk. Put boot files on the first partition and operating system files and data on the second partition. Enable the TPM.
Your Windows computer has system protection enabled on the system drive. By default, restore points are only created when a Windows update occurs. In the last week, since the last Windows update, you have installed a video editing application that you use every day. Today you installed a new sound card with the driver that came with it. Your system started behaving erratically after you rebooted. You tried updating to the latest driver for the sound card, but that didn't help. So you used System Restore to get your computer back to the state it was in before you installed the sound card. After you reboot your computer, you realize you have to install your video editing application again. Which action would have helped you avoid having to reinstall the application?
Creating a manual restore point just before installing the sound card.
Which malware type is designed to facilitate identity theft?
Crimeware
Consider the Reliability Monitor output shown below. What does the red circle with the letter x represent?
Critical Event
The users in your organization bring their own mobile devices to the office and want to be able to access the network with them. You want to protect your network from malware threats that might be on these devices. You want to make sure these devices meet certain requirements before they can connect to the network. For example, you want them to meet the following criteria: Hardware and Windows startup components are clean. The kernel is not infected with a rootkit. Boot drivers are clean. Which Windows feature can you use to protect your network from malware threats that might be on your users' mobile devices?
Device Health Attestation (DHA)
What are two ways you can run PowerShell cmdlets remotely?
Directly from the command, use the computername parameter. Use invoke-command followed by the name of the remote computer and then the PowerShell cmdlet within brackets.
What is it called when the hard drive light on your PC is staying on constantly, and the applications have slowed down significantly?
Disk thrashing
Using Event Viewer, you have created a Custom View to track Warning and Error events from both the Application and System logs. After a few days, there are several events in the Custom View. You would like to clear the messages from the view so that you only see messages starting from today. How do you make sure that any messages from today that are in the corresponding logs still exist?
Edit the Custom View properties and create a custom range for the logged events, starting with today's date.
For several months, your Windows computer acted like a server in the workgroup. It was optimized to share files and folders to the other computers. You no longer need the computer to act like a server. Now, you want the computer to focus on applications. After installing the applications, you believe the computer is not reacting quickly enough while using the applications. You know the machine has enough video memory and physical memory to handle the applications. What should you do?
Edit the Processor Scheduling settings.
Your Windows computer has two hard drives, both formatted with NTFS. You have enabled system protection on both disks. How do you delete all restore points while keeping system protection enable on both drives?
Edit the System Protection configuration in System Properties, and delete the restore points.
You have configured scheduled backups in the Backup and Restore console to take a backup each week. You save the backups to a network location. You find that backups are not being completed because the destination computer is asleep when the schedule time starts. The destination computer is not waking up to perform the backup. How can you make sure the backup destination device is awake and available?
Edit the backup task in Task Scheduler.
You want to be able to stop working on your Windows notebook system, save battery power, and resume work as quickly as possible. You also want to protect yourself from data loss if your battery fails. What should you do?
Enable Hibernate. Hibernate copies the contents of RAM to a file on the hard disk and then shuts down completely.
To provide additional storage space, you have added a second internal hard drive to your Windows 10 system. For the past several weeks, you have created and changed many files stored on the new hard drive. One of the files on the new drive has become corrupted. You want to recover as much as you can by reverting to a previous version of that file. After viewing the file properties, you notice that no previous versions are available. Which action must you take to ensure that you can revert files to previous versions on the new hard drive of your Windows 10 computer?
Enable System Protection on the new hard drive.
Your Windows system is a member of a domain. Windows Update settings are being controlled through Group Policy. How can you determine whether a specific security update from Windows Update is installed on the computer?
Go to Programs and Features in Control Panel.
You are an administrator with 200 Windows 10 devices that are both personal and corporate-owned. You have implemented mobile device management (MDM) as well as mobile application management (MAM) via Intune. While configuring auto-enrollment, you configured the MDM user scope to All and the MAM user scope to All. You are now ready for auto-enrollment. Which statements describe what will happen in your environment as these devices auto-enroll? (Select two.)
For corporate-owned devices, MDM user scope always takes precedence over the MAM user scope. The device is enrolled into Intune For personal devices, MAM user scope takes precedence over the MDM user scope. The device is not enrolled in Intune.
You would like to generate a report that shows the status of hardware resources, processes, and configuration information on your Windows system. How can you generate a report that includes suggestions for ways to improve the performance of your system? (Select two. Each correct choice is a complete solution.)
From Performance Monitor, under Data Collector Sets, run System Diagnostics. From Command Prompt, run perfmon /report.
How do you manage the items in the Windows Action Center?
From the Settings app.
You have opened the System Information app (msconfig.exe) and selected the tab named Boot. In the Boot options section, you have checked Boot log. What will selecting this option do
Gather information about a service or device that is running when the system starts up.
As an administrator, you are configuring a compliance policy in Intune. Place the following in the correct order to properly configure this policy. Step 1
Give the policy a unique name
A mobile broadband connection can be used to provide internet access in areas where no other option exists. Match each broadband connection with its description.
Global System for Mobile Communication (GSM) Most used standard across the world and uses a SIM card. Code Division Multiple Access (CDMA) Mainly used in the United States and Russia; it does not use a SIM card. Long-Term Evolution (LTE) Faster, newer technology that only supports cellular data transmission.
You keep your Windows laptop plugged in most of the time, and you would like to use the full CPU power for a video project you are working on. Click the power plan you would use to provide full CPU power.
High Performance The High performance power plan is best for this project since it sets the Processor power management setting to 100%.
You use a Windows desktop system to edit and produce audio files. Your system has two hard disks installed. Your applications are installed on the C: volume on the first hard disk. Because of the size of the audio files you produce, you keep them on a separate volume (D:) located on the second hard disk. Your Windows desktop system has system protection enabled on the both drives. You need to configure system protection on this system to maximize overall protection. What should you do?
Increase the amount of disk space reserved for restore points on C:
You have opened the Indexing Options dialog and navigated to Advanced > File Types tab. From this page, you can specify how the file should be indexed. Which of the following options are available? (Select two.)
Index Properties and File Contents Index Properties Only
A user calls to complain that her Windows system is running slowly. You launch Task Manager on her system and select the Processes tab. The output is shown in the image below. What should you do? (Select two. Each answer is a part of the complete solution.)
Install more RAM in the system. Install a faster CPU in the system.
You have Windows 10 devices in Azure AD, and they are enrolled in Intune. What must you do in order to also co-manage the devices using Configuration Manager?
Install the Configuration Manager client on each device.
Windows 8.1
Install the Intune Company Portal app on each device.
You manage two Windows systems named Computer1 and Computer2. You need to use the command line to remotely manage Computer1 from Computer2. What should you do?
On Computer1, run winrm qc Authenticate Computer2 to Computer1
You manage two Windows systems named Computer1 and Computer2. Both computers are members of a domain. Which steps do you need to perform so you can remotely execute commands on Computer2 from Computer1?
On Computer2, run winrm qc
You manage two Windows systems named Computer1 and Computer2. Both computers are members of a domain. Windows Remote Management (WinRM) is enabled on both computers. Which steps do you need to perform so you can use Computer2 to create an additional disk volume on Computer1?
On Computer2, run winrs and then run diskpart
You use a Windows notebook system named M400. It is a member of a domain, and it is located in a branch office. A Windows server named Server1 contains a shared folder named Data. The server is located in the main office. You need to configure M400 to cache the files from the Data share so they can be used when M400 is not connected to the network. You want the files in the Data share to automatically synchronize each time M400 connects to the network. The files must be protected by encryption; other files on M400 do not need encryption. What should you do?
On M400, make the Data share available offline and enable encryption of offline files. You should do the following: Make the Data share available offline. When network files are made available offline, the network versions of files and folders are copied to the local hard disk. Protect offline files by encrypting the offline file cache. When the cache is encrypted, a user key is used. Only the user who encrypted the files has access to the files.
You have two Windows systems named Computer 1 and Computer 2. Over the next few days, you want to be able to monitor Computer 1 from Computer 2. To do this, you want to automatically save and send Computer 1's Application and System logs to Computer 2. How would you do this?
On both computers, enable and configure Event Subscriptions. Configure Computer 1 as a source and Computer 2 as a collector.
You are troubleshooting a problem that keeps occurring on your Windows system. When the problem happens, Event Viewer shows several Error events in the Application and System logs. From a single view, you would like to see only Error events from both the Application and the System logs. What can you do in Event Viewer to make this happen?
On the Application log, filter the log to show only Error events. Save the filter to a Custom View and then add the System event log as an additional filter.
You are using a Windows desktop system to connect to a remote system using Remote Desktop. How do you prevent the desktop background on the remote computer from displaying on the local computer?
On the Experience tab of the Remote Desktop Connection, clear the Desktop Background checkbox.
You manage three Windows systems that are part of a Workgroup. You would like to configure Event Subscriptions so that you can view all events from those computers on your Windows notebook. You need to configure the three source computers and one collector computer. The subscription will be a source-initiated subscription. What should you do? (Select two. Each answer is part of the complete solution.)
On the collector computer, configure the subscription. On all four computers, run the winrm qc-q command. On the collector computer, run the wecutil qc /q command.
You have previously installed Windows 10 on two new computers and configured both computers with BitLocker. Both computers have a TPM installed. Because of a hardware failure, one of the computers will not boot. You replace the failed hardware, but now BitLocker is preventing the system from starting because it has failed the startup system integrity checks. Which of the following options would you use to reconfigure BitLocker so the system will start?
Recovery key
You are publishing an app in Microsoft Intune that you want to be automatically deployed on managed devices using the Intune agent. Which type of deployment action should you configure using Intune policies?
Required install
There is an app available in the Windows Store that users need to complete their day-to-day tasks. You want to deep link this app in Microsoft Intune to automatically install it on managed devices using the Intune agent. How should you configure the software to be made available to these devices when publishing the app? (Select two.)
Required install & External link
There are several methods to enroll devices depending on ownership, platform, or management requirements. Match each of the items on the left with the appropriate group name on the right Management Requirements
Resets, affinity, and locking
You suspect that a process on your Windows computer is causing a large amount of network activity. You would like to view the network activity on your computer filtered by specific processes. Which of the following tools will display the most detailed information about network activity?
Resource Monitor Resource Monitor displays additional information not found in Task Manager.
You are analyzing the CPU utilization on you system. Why would you use Resource Monitor rather than Task Manager?
Resource Monitor provides much more granular information than Task Manager.
You would like to configure Event Subscriptions on your Windows system to forward events to a network server. You need to configure your computer as a source computer for a collector-initiated subscription. Which of the following will be part of your configuration? (Select two.)
Run the winrm qc command.. Add the collector computer to the Event Log Readers group.
You are supporting a Windows 10 computer that has the following volumes: The C: drive is the system drive with user profiles and individual user files. The D: drive holds data files common to all users. System Protection has been configured as follows: A system image backup has been created that includes both the C: and D: drives. Regular backups are scheduled to back up all user libraries. The scheduled backup includes a system image. System Restore has been used to take a snapshot. A user has edited and saved a file on the D: drive. The user doesn't like the changes and wants to revert to a previous version of the file. The user goes to the Previous Versions tab of the file and sees nothing listed. How can you help the user restore the previous version of the file?
Restore the file from the system image.
As part of your regular system maintenance, you install the latest operating system updates on your Windows 10 computer. After several days, you notice that the system locks up and reboots from time to time. You suspect that a recent update is causing the problem. How can you quickly restore the computer to its state before the updates?
Restore the system using a restore point.
What are some of the execution policies that Windows has in place to protect PowerShell against malicious users? (Select two.)
Restricted and Unrestricted AllSigned and RemoteSigned
Your Windows system has been infected with malware that has replaced the standard boot loader on the hard disk with its own malicious software. Which type of exploit is being used in this scenario?
Rootkit
Your Windows 10 computer has two hard drives formatted with NTFS. You have enabled System Restore on both disks. How can you delete all restore points except for the last restore point?
Run Disk Cleanup.
You need to customize which utilities and programs load on your Windows system at startup. What should you do.
Run System Configuration
You have just added a new 300 GB hard drive to a Windows computer. You create a single volume named Data and format the volume using FAT32. The volume is assigned drive letter D:. You copy several files to the new hard disk. Which action must you take first to include the disk in restore points created on the computer?
Run convert.exe to change the drive to NTFS.
What tool can be used to automatically fix common startup problems?
Startup Repair
Many of your users have iPhones and iPads that they use to complete their day-to-day tasks. You have enrolled these devices with Microsoft Intune. You now need to publish an app from the Apple App Store to these devices. How would you deploy this iOS app to these devices?
Store app type, then search the App Store
Microsoft Intune has four different app categories. Match each description with the associated category.
Store apps Apps installed from the device's app store, such as the Google Play Store for Android Devices. In-house apps Custom-built apps designed for a specific organization. Built-in apps Apps built into iOS or Android devices. Web apps Apps that run on a website and are completely online.
Local Profile
Stored on just one device; user can change settings.
Roaming Profile
Stored out on the network; user can change settings
Which of the following BitLocker modes is the recommended option and provides the highest level of security?
TPM with PIN and startup key TPM with PIN and startup key: Performs system integrity checks Prompts the user to input a PIN before the computer boots Checks for the required startup key on a USB flash device Boots to recovery mode if the USB flash device is unavailable or the wrong PIN is entered Provides the highest level of security and is the recommended option
You have a utility on your computer that needs to run regularly on a set time and day each week. What tool would you use to accomplish this task?
Task Scheduler
Drag each PowerShell feature or function on the left to the appropriate description on the right.
These let you access data stores, such as the registry and certificate store, in a way similar to accessing the file system. Providers This is text-based and uses a simple command syntax. Command line interface You can use this to redirect the output of one PowerShell cmdlet to the input of another. Piping These contain one or more PowerShell cmdlets. Script files These are executed at a PowerShell prompt to perform system management tasks. Cmdlets
What is the main purpose of the dxdiag utility?
Test the system's multimedia capabilities.
You have created several Intune MDM policies. You would like to assign them to manage your mobile devices and users. You can assign the MDM policies to either user groups or device groups. If you select user groups, what will happen?
The MDM policies will apply to every device that user uses.
Which of the following are true about File History backups or restore points? (Select three.)
The following are true regarding File History backups or restore points: File History only works on NTFS partitions. File History is turned off by default and must be enabled to benefit from its functionality. The File History tool can be used without the involvement of IT workers. The users can easily restore their own files and folders. File History can be used to recover entire user folders, user libraries, desktop folders, and offline OneDrive files. File History backups use Volume Shadow Copy (VSS), which runs in the background and does not interfere with computer performance. When you view the history of a file, it is opened in read-only mode. You can browse through a previous version of a folder and navigate the directory structure. You can copy the previous version of the file to a new location or restore it to the same location. This overwrites the existing version.
Which of the following are true regarding Remote Assistance? (Select two.)
The helper cannot copy files from a user's computer. Invitations require a password and have an expiration date.
Drag the BitLocker security component on the left to its description on the right. (Components may be used once, more than once, or not at all.)
The only option for systems without a TPM chip. Startup key Provides access to encrypted volumes if there are problems related to BitLocker as the computer boots. Recovery key A user account that can recover encrypted data from BitLocker-protected drives when the password or keys are lost. Data Recovery Agent A copy of this is saved in the TPM. PIN Must be present on a USB flash device during system startup. Startup key Without this, the system can only boot to recovery mode, and the data on the disk cannot be accessed. Recovery key
You are interested in publishing an application in Intune. Arrange the steps on the left in the pane on the right in the order required to publish an application in Intune.
The process for publishing an app in Intune is as follows: Access the Intune Admin console and go to the Apps workspace to add a new app. Launch the Intune Software Publisher and walk through the publishing wizard. During this process, you must decide how the software will be made available to devices. Determine which user or device groups you want to deploy the software to. Only the users or devices who are members of the group(s) specified will be allowed to install the application. Determine the deployment action for the application (available install or required install). You can also configure a deadline for installation. After the application has been published, it is deployed to enrolled devices. The way this happens depends on the type of installation. For required installs, the Intune agent software automatically installs the application in the background. For available installs, the user can access the Company Portal and manually download and install the application.
Temporary Profile
The profile the user will get if their local, roaming, or mandatory profile is unavailable.
A user contacts you to let you know their Intune-enrolled device has been remotely locked. What would have caused this?
The user's device is non-compliant and was remotely locked.
A user calls and complains that she cannot access important company files from her personal device. You confirm that Intune policies are properly set up and assigned to her. What could be the issue that is blocking her from accessing the files?
The user's device is rooted or jailbroken
You have a Windows 10 user that calls from home and alerts you that they cannot connect to Wi-Fi and therefore cannot start the VPN to access company resources and print a document. When they take their laptop to the coffee shop, it connects just fine. What is most likely the cause of their problem?
There is a duplicate SSID in their vicinity.
You are viewing the reliability and problem history chart in Reliability Monitor on a Windows system. Some sections of the graph are displayed with a dotted line. What does the dotted line indicate?
There is not enough data to calculate the stability index.
You are reviewing configuration scores from all your devices in the categories of Application, Network, Accounts, Security Controls, and OS. Which component of Microsoft Defender ATP are you using?
Threat & Vulnerability Management
You are trying to establish a Wi-Fi Direct connection between a Windows desktop system and a Windows tablet device. You have installed an 802.11n wireless adapter in the desktop system. However, you are unable to see the tablet device. Which action must you take to see the tablet device from the desktop?
Update the wireless network adapter driver on the desktop system to one that is compatible with Wi-Fi Direct. The drivers used for your wireless network adapter must be Wi-Fi Direct compatible to establish Wi-Fi Direct connections with other devices. In this scenario, the wireless adapter in the desktop system is the most likely culprit as it is a third-party device that was not installed by the manufacturer.
You run a regular file backup on your Windows 10 computer every Friday night, which also includes a system image backup. System Protection has been enabled for all drives on the system. On Wednesday, you receive a new version of a graphic editing application that you use regularly. You install the new application, but you find that the application does not work properly. When you try to run the original application, you find that the upgrade has deleted it from your system. You also find that some of the graphics files you had been working on yesterday have been deleted. What can you do to get things back to normal as quickly as possible? (Select two. Each answer is part of the complete solution.)
Use File History to restore the missing files. Use System Restore to revert to a restore point before you installed the application.
You have just read about a new security patch that has been made available for your Windows system. You install the patch as a Windows update. After you reboot and sign in, your computer appears to be unstable. Which action should you take? (Select two. Each answer is part of the complete solution).
Use Programs and Features to remove the update. Use the Setting app to uninstall the update.
You need to implement a solution for the sales reps who complain that they are unable to establish VPN connections when they travel because the hotel or airport firewalls block the necessary VPN ports. Which VPN security protocol can you use to resolve this issue? PPTP
Use Secure Socket Tunneling Protocol (SSTP) for the VPN protocol. SSTP uses SSL, which uses port 443. Because SSL is used by many websites for secure transactions, this port is already opened in mos
You use an application on your Windows system that compresses videos used in your online business. You want to make sure that the application continues to run in the background even if you open other applications. How do you adjust the amount of attention given to that application?
Use Task Manager to modify the process priority. Use Task Manager to configure the process priority. Priority controls how the system can delay or switch between processes. By default, the system typically gives a higher priority to a process that has active user input or interaction. Processes can continue to run in the background. Virus scanners, video compression, and backups are examples of processes that run in the background while you continue working in a different application. If a background process has a priority that is too high, the system might seem slow and unresponsive when running other programs.
You need to monitor the processor utilization on your Windows system. You want to get an email notification every time the processor utilization exceeds 90%, so you create a new Data Collector Set in Performance Monitor. Which type of Data Collector should you create?
Use a performance counter alert to be notified when a counter is above or below a threshold amount.
You manage a Windows computer that is shared by multiple users. Recently, a user downloaded and installed two malware programs on the computer. The applications had a .msi extension. What is the first line of defense in protecting your system against applications like these from being copied or downloaded to your system?
Use anti-malware software that provides real-time protection
Windows 10
Use direct enrollment if available
You support a Windows 10 computer that has the following volumes: The C: drive is the system drive with user profiles and individual user files. The D: drive holds data files common to all users. The user has taken the following actions: Scheduled regular backups to back up all user libraries. The scheduled backup includes the entire D: drive as well as a system image. Used System Restore to take a snapshot. After working with a file on the D: drive, the user has accidentally deleted most of the data in the file. The user needs your help to recover the file as it existed before making the changes. You check the System Protection settings and find that System Protection is not enabled for the D: drive. How can you restore the data in the file with the least amount of effort?
Use the Previous Versions tab of the file properties to restore the file.
To protect the data on your Windows 10 computer from loss or corruption, you enable system protection on all the drives in your computer. You also schedule regular backups of the system drive and all other drives using the Backup and Restore (Windows 7) console. After working with a file, you notice that you accidentally deleted most of the data. How can you restore the file to the state it was in before you modified it? (Select two. Each answer is a complete solution.)
Use the file's properties to restore a previous version of the file. Use the Backup and Restore (Windows 7) console to locate and restore the file.
There are four things users must do or have to implement MAM app protection policies in your environment. Drag the four requirements for MAM to the right.
User Requirements for MAM: Have an Azure AD account Belong to a group with policies assigned Sign into the app with an Azure AD account Have an Intune license
Balance and migrate workloads
Using Config Manager with intune
Which of the following syntax examples is used by a PowerShell cmdlet?
Verb - noun
While deploying Windows updates, when would you use the critical update ring?
When deploying updates to machines (only after the update has been vetted).
What happens when you plug a SIM card into your Windows 10 machine? Put the following in order of occurrence.
When the SIM card is inserted in a Windows 10 machine, the following steps happen: The International Mobile Subscriber Identity (IMSI) is read. The Integrated Circuit Card ID is read. The service provider's ID and name are read. Windows uses this information to determine which mobile carrier the SIM card belongs to. Windows automatically downloads and installs the modem and appropriate apps. Once all drivers and apps are installed, Windows can initialize the modem and begin connecting to the network.
You need to implement a wireless solution to connect Windows notebook systems with mobile devices such as tablets and phones. You need to do this without investing in additional technology. Which mobile wireless technology can leverage the existing 802.11n wireless network adapters already installed in your notebook systems?
Wi-Fi Direct Wi-Fi Direct creates a high-bandwidth, point-to-point wireless connection between Wi-Fi Direct compatible devices and a Windows system. Wi-Fi direct uses the 802.11n wireless standard to establish a link between devices.