[Free] Get all latest Microsoft 70-680 Actual Tests 291-300

Ensurepass

QUESTION 291

You need to configure a computer to encrypt all inbound connections by using IPSec.

What should you do?

 

A.

From Network and Sharing Center, click Connect to a network.

B.

From Network and Sharing Center, click Set up a new connection or network.

C.

From Windows Firewall with Advanced Security, click Inbound Rules and then click New Rule.

D.

From Windows Firewall with Advanced Security, click Connection Security Rules and then click New Rule.

 

Correct Answer: D

Explanation:

Connection Security Rules

Connection security rules are a special type of rule that deal with authenticated and encrypted traffic. You can use connection security rules to manage how communication occurs between different hosts on the network. You use the New Connection Security Rule Wizard, to create connection security rules. Connections can be authenticated using the Kerberos V5 protocol requiring a domain computer and user account or a domain computer account. If you select advanced properties, connections can be authenticated using NTLMv2, computer certificates from a particular certificate authority (CA) or using a pre- shared key.Connection Security Rules and IPSec policies The relationship between connection security rules and IPSec policies is similar to the relationship between AppLocker and Software Restriction Policies. Both sets of rules do similar things, but the ones that you use depend on the operating systems used by the client computers in your organization. All editions of Windows 7 and Windows Vista support connection security rules, but Windows XP does not.

 

 

QUESTION 292

You have three computers that run Windows 7. You use Windows PowerShell to perform remote administration tasks on all three computers. You need to remotely administer all three computers by using PowerShell. Which PowerShell cmdlet should you use?

 

A.

Enable-PSRemoting

B.

Enable-PSSessionConfiguration

C.

New-PSDrive

D.

New-PSSession

 

Correct Answer: D

Explanation:

New-PSSessionCreates a persistent connection to a local or remote computer. The New-PSSession cmdlet creates a Windows PowerShell session (PSSession) on a local or remote computer. When you create a PSSession, Windows PowerShell establishes a persistent connection to the remote computer. Use a PSSession to run multiple commands that share data, such as a function or the value of a variable. To run commands in a PSSession, use the Invoke-Command cmdlet. To use the PSSession to interact directly with a remote computer, use the Enter-PSSession cmdlet. You can run commands on a remote computer without creating a PSSession by using the ComputerName parameters of Enter-PSSession or Invoke-Command. When you use the ComputerName parameter, Windows PowerShell creates a temporary connection that is used for the interactive session or for a single command and is then closed.

 

 

QUESTION 293

You need to provide an administrator the ability to view and interact with your current logon session. What should you do?

 

A.

At the command prompt, run Psr.exe.

B.

At the command prompt, run Winrm.exe quickconfig.

C.

From the Start menu, open Remote Desktop Connection.

D.

From the Start menu, open Windows Remote Assistance.

 

Correct Answer: D

Explanation:

Remote Assistance

Both Remote Assistance and Remote Desktop allow the user at the management computer to see the desktop and applications that are present on the remote computer. The difference between Windows Remote Assistance and Remote Desktop is that a user is logged on to the remote computer and initiates the remote assistance session, whereas a Remote Desktop session is initiated on the management computer. Remote Assistance is a support tool used by help-desk staff to allow them to view the screen of the person to whom they are providing assistance. Remote Assistance reduces the need for nontechnical users to accurately describe the problem that they are having with their computers because support personnel can see the desktop directly. Unlike the version of Remote Assistance that shipped with Windows XP, the version of Remote Assistance that is included with Windows 7 does not include a voice client. If you are going to talk to the person whom you are helping using Remote Assistance, you are going to have to use another method, such as the telephone.

 

 

QUESTION 294

You have a computer named Computer1 that runs Windows 7. Computer1 has a shared printer.

You need to configure Computer1 so that only Administrators are authorized to shut down the computer. What should you do?

 

A.

From User Accounts, modify the user profiles settings.

B.

From User Accounts, modify the User Account Control (UAC) settings.

C.

From the local computer policy, modify the Security Options.

D.

From the local computer policy, modify the User Rights Assignment.

 

Correct Answer: D

Explanation:

Shut down the system

Computer ConfigurationWindows SettingsSecurity SettingsLocal PoliciesUser Rights Assignment Description Determines which users logged on locally to the computer can shut down the operating system using the Shut Down command. This user right is defined in the Default Domain Controller Group Policy object (GPO) and in the local security policy of workstations and servers.

 

clip_image002

 

 

QUESTION 295

You are the administrator of a computer named Computer1 that runs Windows 7. Several users share Computer1. The users plan to encrypt files on the computer. You need to ensure that you can access all encrypted files on the computer. What should you do first?

 

A.

At a command prompt, run Cipher.exe.

B.

At a command prompt, run Certutil.exe.

C.

From the local computer policy, modify the User Rights Assignment.

D.

From User Accounts, run the Manage your file encryption certificates wizard.

 

Correct Answer: A

Explanation:

Cipher

Displays or alters the encryption of folders and files on NTFS volumes. Used without parameters, cipher displays the encryption state of the current folder and any files it contains. Administrators can use Cipher.exe to encrypt and decrypt data on drives that use the NTFS file system and to view the encryption status of files and folders from a command prompt. The updated version adds another security option. This new option is the ability to overwrite data that you have deleted so that it cannot be recovered and accessed. When you delete files or folders, the data is not initially removed from the hard disk. Instead, the space on the disk that was occupied by the deleted data is “deallocated.” After it is deallocated, the space is available for use when new data is written to the disk. Until the space is overwritten, it is possible to recover the deleted data by using a low-level disk editor or data-recovery software.

 

If you create files in plain text and then encrypt them, Encrypting File System (EFS) makes a backup copy of the file so that, if an error occurs during the encryption process, the data is not lost. After the encryption is complete, the backup copy is deleted. As with other deleted files, the data is not completely removed until it has been overwritten. The new version of the Cipher utility is designed to prevent unauthorized recovery of such data.

 

/K Creates a new certificate and key for use with EFS. If this option is chosen, all the other options will be ignored. By default, /k creates a certificate and key that conform to current group plicy. If ECC is specified, a self-signed certificate will be created with the supplied key size.

 

/R Generates an EFS recovery key and certificate, then writes them to a .PFX file (containing certificate and private key) and a .CER file (containing only the certificate). An administrator may add the contents of the .CER to the EFS recovery policy to create the recovery for users, and import the .PFX to recover individual files. If SMARTCARD is specified, then writes the recovery key and certificate to a smart card. A .CER file is generated (containing only the certificate). No .PFX file is genereated. By default, /R creates an 2048-bit RSA recovery key and certificate. If EECC is specified, it must be followed by a key size of 356, 384, or 521.

 

 

QUESTION 296

Your network has a main office and a branch office. The branch office has five client computers that run Windows 7 and a server that runs Windows Server 2008 R2. The branch office server is enabled for BranchCache.You need to configure Windows Firewall on each client computer so that cached content can be retrieved from the branch office server. Which firewall rule should you enable on the client computers?

 

A.

BranchCache – Content Retrieval (Uses HTTP)

B.

BranchCache – Hosted Cache Server (Uses HTTPS)

C.

BranchCache – Peer Discovery (Uses WSD)

D.

File and Printer Sharing

 

Correct Answer: A

Explanation:

Configure domain member client distributed cache mode firewall rules When you configure BranchCache in distributed cache mode, BranchCache client computers use the Hypertext Transfer Protocol (HTTP) for data transfer with other client computers. BranchCache client computers also use the Web Services Dynamic Discovery (WS-Discovery) protocol when they attempt to discover content on client cache servers. You can use this procedure to configure client firewall exceptions to allow incoming HTTP and WS-Discovery traffic on client computers that are configured for distributed cache mode. The BranchCache – Content Retrieval (Uses HTTP) predefined rule. If this rule is not available, create rules that allow inbound and outbound traffic on TCP port 80. This rule is required for both Hosted Cache and Distributed Cache mode. The BranchCache – Peer- Discovery (Uses WSD) predefined rule. If this rule is not available, create rules that allow inbound and outbound traffic on UDP port 3702. This rule is only required when using Distributed Cache mode. The BranchCache – Hosted Cache Client (HTTPS-Out) predefined rule. It this rule is not available, configure a rule that allows outbound traffic on TCP port 443. This rule is required only when using Hosted Cache mode.

 

 

 

 

 

 

 

 

QUESTION 297

You have a computer that runs Windows 7. The Encrypting File System (EFS) key is compromised. You need to create a new EFS key. Which command should you run?

 

A.

Certutil -getkey

B.

Cipher.exe /k

C.

Icacls.exe /r

D.

Syskey.exe

 

Correct Answer: B

Explanation:

Cipher

Displays or alters the encryption of folders and files on NTFS volumes. Used without parameters, cipher displays the encryption state of the current folder and any files it contains.Administrators can use Cipher.exe to encrypt and decrypt data on drives that use the NTFS file system and to view the encryption status of files and folders from a command prompt. The updated version adds another security option. This new option is the ability to overwrite data that you have deleted so that it cannot be recovered and accessed.When you delete files or folders, the data is not initially removed from the hard disk. Instead, the space on the disk that was occupied by the deleted data is “deallocated.” After it is deallocated, the space is available for use when new data is written to the disk. Until the space is overwritten, it is possible to recover the deleted data by using a low-level disk editor or data-recovery software.If you create files in plain text and then encrypt them, Encrypting File System (EFS) makes a backup copy of the file so that, if an error occurs during the encryption process, the data is not lost. After the encryption is complete, the backup copy is deleted. As with other deleted files, the data is not completely removed until it has been overwritten. The new version of the Cipher utility is designed to prevent unauthorized recovery of such data.

/K Creates a new certificate and key for use with EFS. If this option is chosen, all the other options will be ignored. By default, /k creates a certificate and key that conform to current group plicy. If ECC is specified, a self-signed certificate will be created with the supplied key size. /R Generates an EFS recovery key and certificate, then writes them to a .PFX file (containing certificate and private key) and a .CER file (containing only the certificate). An administrator may add the contents of the .CER to the EFS recovery policy to create the recovery for users, and import the .PFX to recover individual files. If SMARTCARD is specified, then writes the recovery key and certificate to a smart card. A .CER file is generated (containing only the certificate). No .PFX file is genereated. By default, /R creates an 2048-bit RSA recovery key and certificate. If EECC is specified, it must be followed by a key size of 356, 384, or 521.

 

 

QUESTION 298

Your corporate network contains a Remote Desktop Gateway (RD Gateway) server named Server1 and a Remote Desktop Session Host (RD Session Host) server named Server2.

You have a computer named Computer1 that runs Windows 7. You use Computer1 from home.

You need to access Server2 from Computer1. What should you do?

 

A.

Run Mstsc.exe /admin /v:server2:443.

B.

Run Mstsc.exe /console /v:server2:8080.

C.

Create a Remote Desktop Connection and modify the Connect from anywhere settings.

D.

Create a Remote Desktop Connection and modify the Server authentication settings.

 

Correct Answer: C

Explanation:

To connect using an RD Gateway server, navigate to the Advanced tab of the Remote Desktop Connection Properties dialog box and click Settings under Connect From Anywhere. This opens the RD Gateway Server Settings dialog box. This dialog box allows you to specify RD Gateway settings, including whether or not you want the RD Gateway to be detected automatically, whether to use a specific RD Gateway server, as shown in the firgure, or you can specify Do Not Use an RD Gateway Server, which is the default setting.

 

clip_image003

 

 

QUESTION 299

You have two computers named Computer1 and Computer2 that run Windows 7. You connect from Computer1 to Computer2 by using Remote Desktop. You discover that you cannot copy any files between the computers during the Remote Desktop session. You need to ensure that you can copy files between the computers during the Remote Desktop session. What should you do?

 

A.

On Computer1, open Windows Firewall and allow file and printer sharing.

B.

On Computer2, open Windows Firewall and allow file and printer sharing.

C.

On Computer1, open Remote Desktop Connection and configure the Local devices and resources setting.

D.

On Computer2, open Remote Desktop Connection and configure the Local devices and resources setting.

 

Correct Answer: C

Explanation:

How can I use my devices and resources in a Remote Desktop session?

Redirecting a device on your computer makes it available for use in a Remote Desktop session. If you have a recent version of Remote Desktop, you can redirect most devices, including printers, smart cards, serial ports, drives, Plug and Play devices, media players based on the Media Transfer Protocol (MTP), and digital cameras based on the Picture Transfer Protocol (PTP). Some USB devices can be redirected, and you can also redirect your Clipboard.

 

clip_image004

 

clip_image005

 

 

QUESTION 300

You have a portable computer that runs Windows 7. The computer is configured to keep an offline version of files located in a network share.

You need to identify whether you are working on an offline version of a file.

 

What should you do?

 

A.

From Sync Center, click View sync partnerships.

B.

From Action Center, click View archived messages.

C.

From Windows Explorer, select the file and then view the toolbar.

D.

From Windows Mobile Device Center, click the Connection settings.

 

Correct Answer: C

Explanation:

To find out whether you’re working offline: Offline files turn on automatically if you lose your network connection. A copy of your file is copied to your computer, and once your network connection is re-established, the two copies will be synchronized. To find out if you’re working offline, do the following:

 

1. Open the network folder that contains the file you are working on.

2. Check the Details pane at the bottom of the window for the status. If the status is offline, you are working with a copy of the file on your computer. If the status in online, you are working with the file on the network.

 

Instant Access to Download Testing Software & PDF File for Microsoft 70-680 Real Exam

Instant Access to Try Microsoft 70-680 Free Demo