best preparation method to pass the Microsoft 70-744 exam, latest cisco 70-744 exam dumps

Bizfittraining shares the latest Microsoft MCSE 70-744 exam dumps for free exam practice tests and online downloads! “Securing Windows Server 2016” 70-744 exam. Ready to pass the 70-744 exam please click https://www.pass4itsure.com/70-744.html (full exam dump)

Share a free Microsoft MCSE 70-744 video tutorial

Microsoft MCSE 70-744 Exam pdf

[JuJy PDF] Free Microsoft 70-744 pdf dumps download from Google Drive: https://drive.google.com/open?id=19p8m_GLQFdWwNJt59dx7yWP25UvZsGIA

[Oct PDF] Free Microsoft 70-744 pdf dumps download from Google Drive: https://drive.google.com/open?id=1_BS2WnTI1rLZZiQ07KtgCWhPiOPWkrSf

Exam 70-744: Securing Windows Server 2016 – Microsoft: https://www.microsoft.com/en-us/learning/exam-70-744.aspx

Skills measured
This exam measures your ability to accomplish the technical tasks listed below.

  • Implement Server Hardening Solutions (25-30%)
  • Secure a Virtualization Infrastructure (5-10%)
  • Secure a Network Infrastructure (10-15%)
  • Manage Privileged Identities (25-30%)
  • Implement Threat Detection Solutions (15-20%)
  • Implement Workload-Specific Security (5-10%)

Microsoft MCSE 70-744 Online Exam Practice Questions

QUESTION 1
HOTSPOT
Your network contains an Active Directory domain named contoso.com. The domain contains multiple servers that run
multiple applications. Domain user accounts are used to authenticate access requests to the servers.
You plan to prevent NTLM from being used to authenticate to the servers.
You start to audit NTLM authentication events for the domain. You need to view all of the NTLM authentication events
and to identify which applications authenticate by using NTLM.
On which computers should you review the event logs and which logs should you review? To answer, select the
appropriate options in the answer area.
Hot Area:

pass4itsure 70-744 exam question q1

Correct Answer:

pass4itsure 70-744 exam question q1-1

 

QUESTION 2
You plan to use the Security and Audit solution in Microsoft Operations Management Suite (OMS) to monitor servers
that run Windows Server 2016. The servers are prevented from accessing the Internet.
You create an OMS workspace and add the Security and Audit solution.
You need to ensure that you can monitor the servers.
What should you do first?
A. From Connected Sources, click Download OMS Gateway.
B. From Accounts, modify the Azure Subscription and Data Plan setting.
C. From Accounts, add an Automation Account.
D. From Connected Sources, click Download Windows Agent (32 bit).
Correct Answer: B

 

QUESTION 3
You have a Host Guardian Service (HGS) and a guarded host.
You have a VHDX file that contains an image of Windows Server 2016.
You need to provision a virtual machine by using a shielded template.
Which three files should you create? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. a TPM baseline policy file
B. a TPM identifier file
C. a shielding data .pdk file
D. a signature for the .vhdx file
E. an unattended.xml file
Correct Answer: CDE
https://docs.microsoft.com/en-us/windows-server/security/guarded-fabric-shielded-vm/guarded-fabric-create-a-shielded-vm-template https://docs.microsoft.com/en-us/windows-server/security/guarded-fabric-shielded-vm/guarded-fabrictenant-creates-shielding-data

 

QUESTION 4
You have 100 computers that run Windows 10 and are members of a workgroup.
You need to configure Windows Defender to meet the following requirements:
-Exclude a C:\\Sales\\Salesdb from malware scans.
-Configure a full scan to occur daily.
What should you run to meet each requirement?
Hot Area:pass4itsure 70-744 exam question q4

Correct Answer:

pass4itsure 70-744 exam question q4-1

Exclude C:\\Sales\\Salesdb from malware scans: Set-MpPreference Configure a full scan to occur daily: Set-
MpPreference https://technet.microsoft.com/en-us/itpro/powershell/windows/defender/set-mppreferenceSet-
MpPreference -ExclusionPath C:\\Sales\\SalesdbSet-MpPreference -RemediationScheduleDay Everyday

 

QUESTION 5
Your network contains an Active Directory domain named contoso.com The domain contains five file servers that run
Windows Server 2016.
You have an organizational unit (OU) named Finance that contains all of the servers.
You create a Group Policy object (GPO) and link the GPO to the Finance OU.
You need to ensure that when a user in the finance department deletes a file from a file server, the event is logged. The
solution must log only users who have a manager attribute of Ben Smith.
Which audit policy setting should you configure in the GPO?
A. File system in Global Object Access Auditing
B. Audit Detailed File Share
C. Audit Other Account Logon Events
D. Audit File System in Object Access
Correct Answer: D


QUESTION 6
Your network contains an Active Directory domain named contoso.com. The domain contains a DNS server named
Server1 that runs Windows Server 2016.
A domain-based Group Policy object (GPO) is used to configure the security policy of Server1.
You plan to use Security Compliance Manager (SCM) 4.0 to compare the security policy of Server1 to the WS2012 DNS
Server Security 1.0 baseline.
You need to import the security policy into SCM. What should you do first?
A. From Security Configuration and Analysis, use the Export Template option.
B. Run the Copy-GPO cmdlet and specify the -TargetName parameter.
C. Run the Backup-GPO cmdlet and specify the -Path parameter.
D. Run the secedit.exe command and specify the/export parameter.
Correct Answer: C
https://technet.microsoft.com/en-us/library/ee461052.aspx Backup-GPO cmdlet and specify the -Path parameter creates
a GPO backup folder with GUID name and issuitable to import to SCM 4.0

 

QUESTION 7
You plan to implement a guarded fabric in TPM-trusted attestation mode. The fabric will contain a three-node Host
Guardian Service (HGS) cluster and four guarded hosts.
All the hosts will have matching hardware and will run the same workload.
You need to add the hosts to the HGS cluster.
What is the minimum number of times you must run each cmdlet to implement the HGS cluster? To answer, select the
appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:pass4itsure 70-744 exam question q7

Correct Answer:

pass4itsure 70-744 exam question q7-1

References: https://docs.microsoft.com/en-us/windows-server/virtualization/guarded-fabric-shielded-vm/guarded-fabric-tpm-trusted-attestation-capturing-hardware

 

QUESTION 8
Your network contains an Active Directory domain named contoio.com. The domain contains a server named Server1
that runs Windows Server 2016.
You have an organizational unit (OU) named Administration that contains the computer account of Server1.
You import the Active Directory module to Served1.
You create a Group Policy object (GPO) named GPO1 You link GPO1 to the Administration OU.
You need to log an event each time an Active Directory cmdlet is executed successfully from Server1.
What should you do?
A. From Advanced Audit Policy in GPO1 configure auditing for directory service changes.
B. Run the (Get-Module ActiveDirectory).LogPipelineExecutionDetails – $false command.
C. Run the (Get-Module ArtiveDirectory).LogPipelineExecutionDetails = $true command.
D. From Advanced Audit Policy in GPO1 configure auditing for other privilege use events.
E. From Administrative Templates in GPO1, configure an Event Logging policy.
F. From Administrative Templates in GPO1, configure a Windows PowerShell policy.
Correct Answer: C


QUESTION 9
Your network contains an Active Directory domain.
You install Security Compliance Manager (SCM) 4.0 on a server that runs Windows Server 2016.
You need to modify a baseline, and then make the baseline available as a domain policy.
Which four actions should you perform in sequence?
Select and Place:pass4itsure 70-744 exam question q9

Correct Answer:

pass4itsure 70-744 exam question q9-1

1. Duplicate a baseline.
2. Modify the settings of a baseline.
3. Export the baseline as a Group Policy Object (GPO) backup4. Import settings into a Group Policy object (GPO)

 

QUESTION 10
Your network contains an Active Directory domain named contoso.com.
You are deploying Microsoft Advanced Threat Analytics (ATA) to the domain.
You install the ATA Center on server named Server1 and the ATA Gateway on a server named Served.
You need to ensure that Server2 can collect NTLM authentication events.
What should you configure?
A. the domain controllers to forward Event ID 4776 to Server2
B. the domain controllers to forward Event ID 1000 to Server1
C. Server2 to forward Event ID 1026 to Server1
D. Server1 to forward Event ID 1000 to Server2
Correct Answer: A
https://docs.microsoft.com/en-us/advanced-threat-analytics/ata-architectureATA monitors your domain controller
network traffic by utilizing port mirroring to an ATA Gateway using physicalor virtual switches.If you deploy the ATA
Lightweight Gateway directly on your domain controllers, it removes the requirement for port mirroring.In addition, ATA
can leverage Windows events (forwarded directly from your domain controllers orfrom a SIEM server) and analyze the
data for attacksand threats.See the GREEN line in the following figure, forward event ID 4776 which indicates NTLM
authenticationis being used to ATA Gateway Server2.pass4itsure 70-744 exam question q10

 

QUESTION 11
Your network contains an Active Directory forest named corp.contoso.com.
You are implementing Privileged Access Management (PAM) by using a bastion forest named priv.contoso.com.
You need to create shadow groups in priv.contoso.com.
Which cmdlet should you use?
A. New-RoleGroup
B. New-ADGroup
C. New-PamRole
D. New-PamGroup
Correct Answer: D
https://social.technet.microsoft.com/wiki/contents/articles/33363.mim-2016-privileged-access-managementpam-faq.aspx
https://docs.microsoft.com/en-us/powershell/identitymanager/mimpam/vlatest/new-pamgroup

 

QUESTION 12
Your network contains an Active Directory domain named contoso.com. The domain contains a file server named FS1
that runs Windows Server 2016. FS1 has a share named SecureFolder.
You need to track all users who access the contents of SecureFolder.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. From the Default Domain Controller Group Policy object (GPO), enable Audit object access,
B. From File Explorer, modify the Advanced sharing settings of SecureFolder.
C. Create a Group Policy object (GPO) and enable Audit object access.
D. From File Explorer, modify the Advanced security settings of SecureFolder.
Correct Answer: BD

 

QUESTION 13
Your network contains an Active Directory domain named contoso.com.The domain contains 1,000 client computers
that run either Windows 8.1 or Windows 10.
You have a Windows Server Update Services (WSUS) deployment All client computers receive updates from WSUS.
You deploy a new WSUS server named WSUS2.
You need to configure all of the client computers that run Windows 10 to send WSUS reporting data to WSUS2.
What should you configure?
A. an approval rule
B. a computer group
C. a Group Policy object (GPO)
D. a synchronization rule
Correct Answer: C
https://technet.microsoft.com/en-us/library/cc708574(v=ws.10).aspxUnder “Set the intranet update service for detecting
updates”, type http://wsus:8530Under “Set the intranet statistics server”, type http://wsus2:8531pass4itsure 70-744 exam question q13

Share Pass4itsure discount codes for free

pass4itsure discount codes

About Pass4itsure!

Pass4itsure offers the latest exam practice questions and answers free of charge! Update all exam questions throughout the year,
with a number of professional exam experts! To make sure it works! Maximum pass rate, best value for money! Helps you pass the exam easily on your first attempt.

why pass4itsure

Summarize:

How do I pass the Microsoft MCSE 70-744 exam? You need to be prepared for it! You need the latest and most effective learning materials and proper practices to pass the 70-744 exam.
“Candidates for this exam secure Windows Server 2016 environments. Candidates are familiar with the methods and technologies used to harden server environments and secure virtual machine infrastructures using Shielded and encryption-supported virtual machines and Guarded Fabric”. Pass4itsure offers you the latest exam materials! You can use the materials to prepare to help you achieve excellent results!

This maybe you’re interested