Online Access Free 070-744 Practice Test

The "Network Security: Restrict NTLM: NTLM authentication in this domain" policy setting allows you to deny or allow NTLM authentication within a domain from this domain controller.
Which value would you choose so that the domain controller will deny all NTLM authentication logon attempts using accounts from this domain to all servers in the domain.
The NTLM authentication attempts will be blocked and will return an NTLM blocked error unless the server name is on the exception list in the Network security: Restrict NTLM: Add server exceptions in this domain policy setting.

• A.Deny for domain accounts to domain servers
• B.Deny for domain accounts
• C.Deny all
• D.Deny for domain servers

You plan to deploy three encrypted virtual machines that use Secure Boot. The virtual machines will be configured as shown in the following table.

How should you protect each virtual machine? To answer, select the appropriate options in the answer area.

Correct Answer:

Explanation
VM1: A shielded virtual machine
VM2: An encryption-supported virtual machine
VM3: An encryption-supported virtual machine
Shielded VM Prevents Virtual Machine connection and PowerShell Direct, it prevent the Hyper-V host to interactin any means with the Shielded VM.
https://docs.microsoft.com/en-us/windows-server/virtualization/guarded-fabric-shielded-vm/guarded-fabric-ands

You implement Log Analytics in Microsoft Operations Management Suite (OMS) on all servers that run Windows Server 2016.
You need to generate a daily report that identifies which servers restarted during the last 24 hours.
Which query should you use?

• A.EventLog=Application EventId:6009 Type:Event TimeGenerated>NOW-24HOURS
• B.EventLog=Application EventId:6009 Type:Event TimeGenerated>NOW+24HOURS
• C.EventLog=System EventId:6009 Type:Event TimeGenerated>NOW-24HOURS
• D.EventLog=System EventId:6009 Type:Event TimeGenerated>NOW+24HOURS

Note: This question Is part of a series of questions that present the same scenario. Each question In the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to It, As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain named contoso.com. The domain contains multiple Hyper-V hosts.
You need to deploy several critical line-to-business applications to the network to meet the following requirements:
*The resources of the applications must be isolated (rom the physical host.
*Each application must be prevented from accessing the resources of the other applications.
*The configurations of the applications must be accessible only from the operating system that hosts the application.
Solution: You deploy a separate Hyper-V container for each application.
Does this meet the goal?

• A.Yes
• B.No

The network contains an Active Directory domain named contoso.com. The domain contains the servers configured as shown in the following table.

All servers run Windows Server 2016. All client computers run Windows 10 and are domain members.
All laptops are protected by using BitLocker Drive Encryption (BitLocker).
You have an organizational unit (OU) named OU1 that contains the computer accounts of application servers.
An OU named OU2 contains the computer accounts of the computers in the marketing department.
A Group Policy object (GPO) named GP1 is linked to OU1.
A GPO named GP2 is linked to OU2.
All computers receive updates from Server1.
You create an update rule named Update1.
You enable deep script block logging for Windows PowerShell.
In which event log will PowerShell code that is generated dynamically appear?

• A.Windows Logs/Security
• B.Applications and Services Logs/Windows PowerShell
• C.Applications and Services Logs/Microsoft/Windows/PowerShell/Operational
• D.Windows Logs/Application