70-744 問題集について
70-744 問題集は試験のために調整され、これにより、最も高い確率で試験に合格することができます。
70-744 問題集と練習問題の違い:
問題練習の範囲を縮小し、最新の70-744試験の問題と回答をより正確に練習問題にマッチさせています。
試験に合格する正解率を高め、70-744 問題集には練習問題よりも部分の問題数、練習問題には現れていません。
印刷後に持ち運びが便利:70-744 問題集は印刷およびオフラインで表示するためにPDF形式で指定のメールボックスに送信されます。
無料で一年に高品質な更新;試験に最新の質問と回答を得るためにITshikenに直接お問い合わせください。より直接的で効果的です。
マイクロソフト、70-744無料サンプル、70-744日本語合格体験、70-744資格問題対応、70-744認証試験問題集
Question No : 1
Encryption-supported VMs are intended for use where the fabric administrators are fully trusted.
For example, an enterprise might deploy a guarded fabric in order to ensure VM disks are encrypted at-rest for compliance purposes.
Shielded VMs are intended for use in fabrics where the data and state of the VM must be protected from both fabric administrators and untrusted software that might be running on the Hyper-V hosts.
Is the Virtual Machine Connection (Console), HID devices (e.g. keyboard, mouse) ON or OFF for Encryption Supported VM’s?
A.Off
B.On
正解: B
Question No : 2
The “Network Security: Restrict NTLM: NTLM authentication in this domain” policy setting allows you to deny or allow NTLM authentication within a domain from this domain controller.
Which value would you choose so that the domain controller will deny all NTLM authentication logon attempts using accounts from this domain to all servers in the domain.
The NTLM authentication attempts will be blocked and will return an NTLM blocked error unless the server name is on the exception list in the Network security: Restrict NTLM: Add server exceptions in this domain policy setting.
A.Deny for domain accounts
B.Deny for domain accounts to domain servers
C.Deny all
D.Deny for domain servers
正解: B
Question No : 3
Windows Firewall rules can be configured using PowerShell.
The “Set-NetFirewallProfile” cmdlet configures settings that apply to the per-profile configurations of the Windows Firewall with Advanced Security.
What is the default setting for the AllowInboundRules parameter when managing a GPO?
A.FALSE
B.NotConfigured
正解: B
Explanation:
The default setting when managing a computer is True. When managing a GPO, the default setting is NotConfigured. The NotConfigured value is only valid when configuring a Group Policy Object (GPO). This parameter removes the setting from the GPO, which results in the policy not changing the value on the computer when the policy is applied.
Question No : 4
This question relates to Windows Firewall and related technologies.
These rules use IPsec to secure traffic while it crosses the network.
You use these rules to specify that connections between two computers must be authenticated or encrypted.
What is the name for these rules?
A.Connection Security Rules
B.Firewall Rules
C.TCP Rules
D.DHP Rules
Question No : 5
_____ enables easier management for BitLocker enabled desktops and servers in a domain environment by providing automatic unlock of operating system volumes at system reboot when connected to a wired corporate network. This feature requires the client hardware to have a DHCP driver implemented in its UEFI firmware.
A.Network Unlock
B.EFS recovery agent
C.JEA
D.Credential Guard
正解: D
Question No : 6
Windows PowerShell is a task-based command-line shell and scripting language designed especially for system administration.
Windows Defender comes with a number of different Defender-specific cmdlets that you can run through PowerShell to automate common tasks.
Which Cmdlet would you run first if you wanted to perform an offline scan?
A.Start-MpWDOScan
B.Start-MpScan
C.Set-MpPreference -DisableRestorePoint $true
D.Set-MpPreference -DisablePrivacyMode $true
正解: A
Explanation:
Some malicious software can be particularly difficult to remove from your PC. Windows Defender Offline (Start-MpWDOScan) can help to find and remove this using up-to-date threat definitions.
Question No : 7
A shielding data file (also called a provisioning data file or PDK file) is an encrypted file that a tenant or VM owner creates to protect important VM configuration information.
A fabric administrator uses the shielding data file when creating a shielded VM, but is unable to view or use the information contained in the file.
Which information can be stored in the shielding data file?
A.Administrator credentials
B.All of these
C.A Key Protector
D.Unattend.xml
正解: B
Question No : 8
Read the following statement carefully and answer YES or NO.
You create a rule “Allow Everyone to run Windows except Registry Editor” that allows everyone in the organization to run Windows but does not allow anyone to run Registry Editor.
The effect of this rule would prevent users such as help desk personnel from running a program that is necessary for their support tasks.
To resolve this problem, you create a second rule that applies to the Helpdesk user group: “Allow Helpdesk to run Registry Editor.”
However, if you created a deny rule that did not allow any users to run Registry Editor, would the deny rule override the second rule that allows the Helpdesk user group to run Registry Editor?
A.NO
B.YES
正解: B
Question No : 9
The New-CIPolicy cmdlet creates a Code Integrity policy as an .xml file. If you do NOT supply either driver files or rules what will happen?
A.The cmdlet performs a system scan
B.An exception/warning is shown because either one is required
C.Nothing
D.The cmdlet searches the Code Integrity Audit log for drivers
正解: A
Explanation:
If you do not supply either driver files or rules, this cmdlet performs a system scan similar to the Get-SystemDriver cmdlet.
The cmdlet generates rules based on Level. If you specify the Audit parameter, this cmdlet scans the Code Integrity Audit log instead.
Question No : 10
Your network contains an Active Directory forest named contoso.com. The forest functional level is Windows Server 2012. The forest contains a single domain. The domain contains multiple Hyper-V hosts.
You plan to deploy guarded hosts.
You deploy a new server named Server22 to a workgroup.
You need to configure Server22 as a Host Guardian Service server.
What should you do before you initialize the Host Guardian Service on Server22?
A.Install the Active Directory Domain Services server role on Server22.
B.Obtain a certificate.
C.Raise the forest functional level.
D.Join Server22 to the domain.
正解: D
70-744 問題集は試験のために調整され、これにより、最も高い確率で試験に合格することができます。
70-744 問題集と練習問題の違い:
問題練習の範囲を縮小し、最新の70-744試験の問題と回答をより正確に練習問題にマッチさせています。
試験に合格する正解率を高め、70-744 問題集には練習問題よりも部分の問題数、練習問題には現れていません。
印刷後に持ち運びが便利:70-744 問題集は印刷およびオフラインで表示するためにPDF形式で指定のメールボックスに送信されます。
無料で一年に高品質な更新;試験に最新の質問と回答を得るためにITshikenに直接お問い合わせください。より直接的で効果的です。
マイクロソフト、70-744無料サンプル、70-744日本語合格体験、70-744資格問題対応、70-744認証試験問題集
Question No : 1
Encryption-supported VMs are intended for use where the fabric administrators are fully trusted.
For example, an enterprise might deploy a guarded fabric in order to ensure VM disks are encrypted at-rest for compliance purposes.
Shielded VMs are intended for use in fabrics where the data and state of the VM must be protected from both fabric administrators and untrusted software that might be running on the Hyper-V hosts.
Is the Virtual Machine Connection (Console), HID devices (e.g. keyboard, mouse) ON or OFF for Encryption Supported VM’s?
A.Off
B.On
正解: B
Question No : 2
The “Network Security: Restrict NTLM: NTLM authentication in this domain” policy setting allows you to deny or allow NTLM authentication within a domain from this domain controller.
Which value would you choose so that the domain controller will deny all NTLM authentication logon attempts using accounts from this domain to all servers in the domain.
The NTLM authentication attempts will be blocked and will return an NTLM blocked error unless the server name is on the exception list in the Network security: Restrict NTLM: Add server exceptions in this domain policy setting.
A.Deny for domain accounts
B.Deny for domain accounts to domain servers
C.Deny all
D.Deny for domain servers
正解: B
Question No : 3
Windows Firewall rules can be configured using PowerShell.
The “Set-NetFirewallProfile” cmdlet configures settings that apply to the per-profile configurations of the Windows Firewall with Advanced Security.
What is the default setting for the AllowInboundRules parameter when managing a GPO?
A.FALSE
B.NotConfigured
正解: B
Explanation:
The default setting when managing a computer is True. When managing a GPO, the default setting is NotConfigured. The NotConfigured value is only valid when configuring a Group Policy Object (GPO). This parameter removes the setting from the GPO, which results in the policy not changing the value on the computer when the policy is applied.
Question No : 4
This question relates to Windows Firewall and related technologies.
These rules use IPsec to secure traffic while it crosses the network.
You use these rules to specify that connections between two computers must be authenticated or encrypted.
What is the name for these rules?
A.Connection Security Rules
B.Firewall Rules
C.TCP Rules
D.DHP Rules
Question No : 5
_____ enables easier management for BitLocker enabled desktops and servers in a domain environment by providing automatic unlock of operating system volumes at system reboot when connected to a wired corporate network. This feature requires the client hardware to have a DHCP driver implemented in its UEFI firmware.
A.Network Unlock
B.EFS recovery agent
C.JEA
D.Credential Guard
正解: D
Question No : 6
Windows PowerShell is a task-based command-line shell and scripting language designed especially for system administration.
Windows Defender comes with a number of different Defender-specific cmdlets that you can run through PowerShell to automate common tasks.
Which Cmdlet would you run first if you wanted to perform an offline scan?
A.Start-MpWDOScan
B.Start-MpScan
C.Set-MpPreference -DisableRestorePoint $true
D.Set-MpPreference -DisablePrivacyMode $true
正解: A
Explanation:
Some malicious software can be particularly difficult to remove from your PC. Windows Defender Offline (Start-MpWDOScan) can help to find and remove this using up-to-date threat definitions.
Question No : 7
A shielding data file (also called a provisioning data file or PDK file) is an encrypted file that a tenant or VM owner creates to protect important VM configuration information.
A fabric administrator uses the shielding data file when creating a shielded VM, but is unable to view or use the information contained in the file.
Which information can be stored in the shielding data file?
A.Administrator credentials
B.All of these
C.A Key Protector
D.Unattend.xml
正解: B
Question No : 8
Read the following statement carefully and answer YES or NO.
You create a rule “Allow Everyone to run Windows except Registry Editor” that allows everyone in the organization to run Windows but does not allow anyone to run Registry Editor.
The effect of this rule would prevent users such as help desk personnel from running a program that is necessary for their support tasks.
To resolve this problem, you create a second rule that applies to the Helpdesk user group: “Allow Helpdesk to run Registry Editor.”
However, if you created a deny rule that did not allow any users to run Registry Editor, would the deny rule override the second rule that allows the Helpdesk user group to run Registry Editor?
A.NO
B.YES
正解: B
Question No : 9
The New-CIPolicy cmdlet creates a Code Integrity policy as an .xml file. If you do NOT supply either driver files or rules what will happen?
A.The cmdlet performs a system scan
B.An exception/warning is shown because either one is required
C.Nothing
D.The cmdlet searches the Code Integrity Audit log for drivers
正解: A
Explanation:
If you do not supply either driver files or rules, this cmdlet performs a system scan similar to the Get-SystemDriver cmdlet.
The cmdlet generates rules based on Level. If you specify the Audit parameter, this cmdlet scans the Code Integrity Audit log instead.
Question No : 10
Your network contains an Active Directory forest named contoso.com. The forest functional level is Windows Server 2012. The forest contains a single domain. The domain contains multiple Hyper-V hosts.
You plan to deploy guarded hosts.
You deploy a new server named Server22 to a workgroup.
You need to configure Server22 as a Host Guardian Service server.
What should you do before you initialize the Host Guardian Service on Server22?
A.Install the Active Directory Domain Services server role on Server22.
B.Obtain a certificate.
C.Raise the forest functional level.
D.Join Server22 to the domain.
正解: D
