[2016- Mar.–Update]Braindump2go Microsoft Exam 70-697 Practice Tests Latest 70-697 Questions Free

2016 March NEW 70-697 Exam Questions Released Today!

Exam Code: 70-697
Exam Name: Configuring Windows Devices
Certification Provider: Microsoft
Corresponding Certification: Microsoft Specialist

2016 NEW 70-697 Study Guides:
1.Manage identity
2.Plan desktop and device deployment
3.Plan and implement a Microsoft Intune device management solution
4.Configure networking
5.Configure storage
6.Manage data access and protection
7.Manage remote access
8.Manage apps
9.Manage updates and recovery

QUESTION 71
At home, you use a Windows 8.1 desktop computer.
At work, you use a Windows 8.1 laptop that is connected to a corporate network.
You use the same Microsoft account to log on to both computers.
You have a folder with some personal documents on your desktop computer.
The folder must be available and synced between both computers.
You need to ensure that the latest version of these files is available.
What should you do?

A.    Create a folder by using SkyDrive for Windows.
Move all of the personal documents to the new folder.
B.    Move the folder to the Libraries folder.
Go to PC Settings.
Under Sync your settings, enable App settings.
C.    Right-click the folder and click Properties.
Under Security, provide Full Control for the Microsoft account.
D.    Right-click the folder and select Share With, and then select Homegroup (view and edit).

Answer: A
Explanation:
http://answers.microsoft.com/en-us/windows/forum/windows8_1-files/some-solutions-for-skydrive-syncing-problems-in/f69180ad-e9b5-47cd-a3f3-24a4d67e0093
http://answers.microsoft.com/en-us/windows/forum/windows8_1-files/skydrive-in-windows-81-is-not-syncing/1627111e-2ccb-4e6d-ae5f-ee325829191f

QUESTION 72
Drag and Drop Questions
You administer 50 laptops that run Windows 7 Professional 32-bit.
You want to install Windows 8 Pro 64-bit on every laptop.
Users will keep their own laptops.
You need to ensure that user application settings, Windows settings, and user files are maintained after Windows 8 Pro is installed.
Which four actions should you perform in sequence? (To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.)
 
Answer:
 
Explanation:
User State Migration Toolkit (USMT) Reference
http://technet.microsoft.com/en-us/library/hh825171.aspx
* You use the User State Migration Tool (USMT) 5.0 when hardware and/or operating system upgrades are planned for a large number of computers. USMT manages the migration of an end- user’s digital identity by capturing the user’s operating-system settings, application settings, and personal files from a source computer and reinstalling them on a destination computer after the upgrade has occurred.
One common scenario when only the operating system, and not the hardware, is being upgraded is referred to as PC refresh. A second common scenario is known as PC replacement, where one piece of hardware is being replaced, typically by newer hardware and a newer operating system.
* Scenario: PC-refresh using a hard-link migration store A company has just received funds to update the operating system on all of its computers to Windows 8. Each employee will keep the same computer, but the operating system on each computer will be updated. In this scenario, an administrator uses a hard-link migration store to save each user state to their respective computer.
The administrator runs the ScanState command-line tool on each computer, specifying the /hardlink /nocompress command-line options. ScanState saves the user state to a hard-link migration store on each computer, improving performance by minimizing network traffic as well as minimizing migration failures on computers with very limited space available on the hard drive.
On each computer, the administrator installs the company’s SOE which, includes Windows 8 and other company applications.
The administrator runs the LoadState command-line tool on each computer. LoadState restores each user state back on each computer.
How to Use Hard Links for User State Migration
http://technet.microsoft.com/en-us/library/ee344267.aspx
In Microsoft System Center Configuration Manager 2007 SP2, hard-link migration maintains user state data on the Windows-based computer when the old operating system is removed and the new operating system is installed. It is best suited to scenarios where the operating system is being upgraded on a computer. Using a hard-link migration store improves migration performance, enables new migration options, and reduces hard-disk utilization and deployment costs. User State Migration Tool (USMT) 4.0 is included in Configuration Manager 2007 SP2 and supports hard-link migration storage for user state migration.
32-bit and 64-bit Windows: frequently asked questions
http://windows.microsoft.com/en-us/windows7/32-bit-and-64-bit-windows-frequently-asked-questions
If you want to move from a 32-bit version of Windows to a 64-bit version of Windows 7 or vice versa, you’ll need to back up your files and choose the Custom option during Windows 7 installation. Then, you’ll need to restore your files and reinstall your programs.

QUESTION 73
You are a systems administrator for your company.
The company has employees who work remotely by using a virtual private network (VPN) connection from their computers, which run Windows 8 Pro.
These employees use an application to access the company intranet database servers.
The company recently decided to distribute the latest version of the application through using a public cloud.
Some users report that every time they try to download the application by using Internet Explorer, they receive a warning message that indicates the application could harm their computer.
You need to recommend a solution that prevents this warning message from appearing, without compromising the security protection of the computers.
What should you do?

A.    Publish the application through a public file transfer protocol (FTP) site.
B.    Publish the application through an intranet web site.
C.    Instruct employees to disable the SmartScreen Filter from within the Internet Explorer settings.
D.    Publish the application to Windows Store.

Answer: B
Explanation:
Intranet is the generic term for a collection of private computer networks within an organization. An intranet uses network technologies as a tool to facilitate communication between people or work groups to improve the data sharing capability and overall knowledge base of an organization’s employees.
Intranets utilize standard network hardware and software technologies like Ethernet, Wi-Fi, TCP/IP, Web browsers and Web servers. An organization’s intranet typically includes Internet access but is firewalled so that its computers cannot be reached directly from the outside.
http://compnetworking.about.com/cs/intranets/g/bldef_intranet.htm
http://www.dynamicwebs.com.au/tutorials/ftp.htm
http://msdn.microsoft.com/en-us/library/windows/apps/xaml/hh974576.aspx

QUESTION 74
You administer computers that run Windows 8 Enterprise and are members of an Active Directory domain.
Some volumes on the computers are encrypted with BitLocker.
The BitLocker recovery passwords are stored in Active Directory.
A user forgets the BitLocker password to local drive E: and is unable to access the protected volume.
You need to provide a BitLocker recovery key to unlock the protected volume.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

A.    Ask the user to run the manage-bde-protectors-disable e: command.
B.    Ask the user for his or her logon name.
C.    Ask the user to run the manage-bde-unlock E:-pw command.
D.    Ask the user for his or her computer name.
E.     Ask the user for a recovery key ID for the protected drive.

Answer: DE
Explanation:
Asking user their logon name is a very lame way to verify their identity.
Answers D & E seem to be the best solution, because:
– You need to know computer name in order to find computer object in AD, where bitlocker passwords are store;
– Without recovery key ID you will not know which bitlocker recovery password to use.

QUESTION 75
Hotspot Questions
Your company has a main office and two branch offices named Branch1 and Branch2.
The main office contains a file server named Server1 that has BranchCache enabled. Branch1 contains a server named Server2 that is configured as a hosted cache server.
All client computers run Windows 8 Enterprise.
All of the computers are joined to an Active Directory domain.
The BranchCache settings of all the computers are configured as shown in the following exhibit. (Click the Exhibit button.)
 
In the table below, identify the effective setting for the client computers in each branch office. Make one selection in each column. Each correct selection is worth one point.
 
Answer:
 

QUESTION 76
Your network contains an Active Directory domain and 100 Windows 8.1 client computers.
All software is deployed by using Microsoft Application Virtualization (App-V) 5.0.
Users are NOT configured as local administrators,
Your company purchases a subscription to Microsoft Office 365 that includes Office 365 ProPlus.
You need to create an App-V package for Office 365 ProPlus.
What should you do?

A.    Run the Office Customization Tool (OCT), run the App-V Sequencer and then run Setup
/Packager.
B.    Download the Office Deployment Tool for Click-to-Run, run the App-V Sequencer and then
run Setup /Ad mm.
C.    Download the Office Deployment Tool for Click-to-Run, run Setup /Download and then run
Setup /Packager.
D.    Run the Office Customization Tool (OCT), run Setup /Download and then run the App-V
Sequencer.

Answer: C
Explanation:
http://blogs.technet.com/b/pauljones/archive/2013/08/28/office-2013-click-to-run-with-configuration-manager-2012.aspx
http://technet.microsoft.com/en-us/library/cc179097%28v=office.15%29.aspx
http://technet.microsoft.com/en-us/library/hh825212.aspx
http://technet.microsoft.com/en-us/library/jj713463.aspx
http://technet.microsoft.com/en-us/library/dn144768.aspx

QUESTION 77
You administer laptop and desktop computers that run Windows 8 Pro.
Your company uses Active Directory Domain Services (AD DS) and Active Directory Certificate Services (AD CS).
Your company decides that access to the company network for all users must be controlled by two-factor authentication.
You need to configure the computers to meet this requirement.
What should you do?

A.    Install smart card readers on all computers.
Issue smart cards to all users.
B.    Enable the Password must meet complexity requirements policy setting.
Instruct users to log on by using the domain \username format for their username and their
strong password.
C.    Create an Internet Protocol security (IPsec) policy that requires the use of Kerberos to authenticate
all traffic.
Apply the IPsec policy to the domain.
D.    Issue photo identification to all users.
Instruct all users to set up and use PIN Logon.

Answer: A
Explanation:
Smart cards contain a microcomputer and a small amount of memory, and they provide secure, tamper-proof storage for private keys and X.509 security certificates.
A smart card is a form of two-factor authentication that requires the user to have a smart card and know the PIN to gain access to network resources.
Registry certificates cannot be used for two factor authentication. Although certificates are ideal candidates for two-factor authentication, registry certificates-which are protected by a strong private key and are the most appropriate certificates for two-factor authentication-cannot be used. The reason for this is that Windows does not support registry certificates and completely ignores them.
As a result, organizations must deploy and manage complex and expensive smart card solutions rather than using registry based certificates.
http://technet.microsoft.com/en-us/library/cc770519.aspx
http://technet.microsoft.com/en-us/library/jj200227.aspx

QUESTION 78
You support computers that run Windows 8 and are members of an Active Directory domain. Recently, several domain user accounts have been configured with super-mandatory user profiles.
A user reports that she has lost all of her personal data after a computer restart.
You need to configure the user’s computer to prevent possible user data loss in the future.
What should you do?

A.    Configure the user’s documents library to include folders from network shares.
B.    Remove the .man extension from the user profile name.
C.    Add the .dat extension to the user profile name.
D.    Configure Folder Redirection by using the domain group policy.

Answer: D
Explanation:
A mandatory user profile is a special type of pre-configured roaming user profile that administrators can use to specify settings for users. With mandatory user profiles, a user can modify his or her desktop, but the changes are not saved when the user logs off. The next time the user logs on, the mandatory user profile created by the administrator is downloaded. There are two types of mandatory profiles: normal mandatory profiles and super-mandatory profiles.
User profiles become mandatory profiles when the administrator renames the NTuser.dat file (the registry hive) on the server to NTuser.man. The .man extension causes the user profile to be a read-only profile.
User profiles become super-mandatory when the folder name of the profile path ends in .man; for example, \\server\share\mandatoryprofile.man\.
Super-mandatory user profiles are similar to normal mandatory profiles, with the exception that users who have super-mandatory profiles cannot log on when the server that stores the mandatory profile is unavailable. Users with normal mandatory profiles can log on with the locally cached copy of the mandatory profile.
Only system administrators can make changes to mandatory user profiles.
Reference:
http://msdn.microsoft.com/en-us/library/windows/desktop/bb776895(v=vs.85).aspx
http://technet.microsoft.com/en-us/windows/hh868022.aspx

QUESTION 79
Drag and Drop Questions
You administer desktop computers that run Windows 8 Enterprise and are members of an Active Directory domain.
A new security policy states that all traffic between computers in the research department must be encrypted and authenticated by using Kerberos V5.
You need to configure the requested traffic authentication settings by using Windows Firewall with Advanced Settings.
Which three actions should you perform in sequence? (To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.)
 
Answer:
 
Explanation:
Note:
A connection security rule forces two peer computers to authenticate before they can establish a connection and to secure information transmitted between the two computers.
Windows Firewall with Advanced Security uses IPsec to enforce these rules.
To create a connection security rule
1. In Windows Firewall with Advanced Security, in the console tree, click Connection Security Rules.
2. In the Actions list, click New Rule.
The Rule Type page, shown in the Figure below, allows you to select the type of rule you want to create. Select a type, and use the wizard to configure the new rule according to the information in the following sections.
 
Isolation
An isolation rule isolates computers by restricting inbound connections based on credentials, such as domain membership or compliance with policies that define the required software and system configurations. Isolation rules allow you to implement a server or domain isolation strategy. When you create an isolation rule, you will see the following wizard pages:
– Requirements. You can choose when authentication is required:
– Request authentication for inbound and outbound connections
– Require authentication for inbound connections and request authentication for outbound connections
– Require authentication for inbound and outbound connections *Authentication Method.
You can select from the following authentication methods:
Default.
This selection uses the current computer default selections specified on the IPsec Settings tab of the Windows Firewall Properties page.
Computer and user (Kerberos V5).
This method uses both computer-and user-based Kerberos V5 authentication to restrict connections to domain-joined users and computers.
User authentication, and therefore this method, is compatible only with computers running Windows Vista and later.
Computer (Kerberos V5).
This method uses Kerberos V5 authentication to restrict connections to domain-joined computers.
This method is compatible with computers running Windows 2000 or later.
Advanced. This setting allows you to designate multiple authentication methods, such as computer certificate, NTLMv2, and preshared key.
– Profile. Choose the profiles (Domain, Public, and Private) to which the rule applies.
– Name. Name the rule and type an optional description.
Reference: Creating Connection Security Rules

QUESTION 80
Your network contains an Active Directory domain.
The domain contains 100 Windows 8.1 client computers.
All of the computers secure al connections to computers on the internal network by using IPSec.
The network contains a server that runs a legacy application.
The server does NOT support IPSec.
You need to ensure that some of the Windows 8 computers can connect to the legacy server. The solution must ensure that all other connections are secured by using IPSec.
What should you do?

A.    Modify the settings of the Domain Profile.
B.    Create a connection security rule.
C.    Create an inbound firewall rule.
D.    Modify the settings of the Private Profile,

Answer: A
Explanation:
There are three profiles for Windows Firewall with Advanced Security:
– Profile
– Description
– Domain
Applied to a network adapter when it is connected to a network on which it can detect a domain controller of the domain to which the computer is joined.
Private
Applied to a network adapter when it is connected to a network that is identified by the user or administrator as a private network. A private network is one that is not connected directly to the Internet, but is behind some kind of security device, such as a network address translation (NAT) router or hardware firewall. For example, this could be a home network, or a business network that does not include a domain controller. The Private profile settings should be more restrictive than the Domain profile settings.
Public
Applied to a network adapter when it is connected to a public network such as those available in airports and coffee shops. When the profile is not set to Domain or Private, the default profile is Public. The Public profile settings should be the most restrictive because the computer is connected to a public network where the security cannot be controlled. For example, a program that accepts inbound connections from the Internet (like a file sharing program) may not work in the Public profile because the Windows Firewall default setting will block all inbound connections to programs that are not on the list of allowed programs. Each network adapter is assigned the firewall profile that matches the detected network type.
http://technet.microsoft.com/en-us/library/getting-started-wfas-firewall-profiles-ipsec%28v=ws.10%29.aspx

QUESTION 81
You are a systems administrator of a small branch office.
Computers in the office are joined to a Windows 8 HomeGroup.
The HomeGroup includes one shared printer and several shared folders.
You join a new computer to the HomeGroup and try to access the HomeGroup shared folders. You discover that the shared folders are unavailable, and you receive an error message that indicates the password is incorrect.
You need to reconfigure the new computer in order to access the HomeGroup resources.
What should you do?

A.    Adjust the time settings on the new computer to match the time settings of the HomeGroup
computers.
B.    Change the HomeGroup password and re-enter it on the computers of all members of the
HomeGroup.
C.    Change the default sharing configuration for the shared folders on the HomeGroup
computers.
D.    Reset your account password to match the HomeGroup password.

Answer: A
Explanation:
http://technet.microsoft.com/en-us/library/cc754178.aspx

QUESTION 82
Drag and Drop Question
Your network contains an Active Directory domain and 100 Windows 8.1 Enterprise client computers.
All software is deployed by using Microsoft Application Virtualization (App-V) 5.0.
Users are NOT configured as local administrators.
Your company purchases a subscription to Microsoft Office 365 that includes Office 365 ProPlus.
You need to create an App-V package for Office 365 ProPlus.
Which three actions should you perform in sequence? (To answer, move the appropriate three actions from the list of actions to the answer area and arrange them in the correct order.)
 
Answer:
 
Explanation:
http://blogs.technet.com/b/pauljones/archive/2013/08/28/office-2013-click-to-run-with-configuration-manager-2012.aspx

QUESTION 83
Drag and Drop Questions
You administer computers that run Windows 8.
The computers on your network are produced by various manufacturers and often require custom drivers.
You need to design a recovery solution that allows the repair of any of the computers by using a Windows Recovery Environment (WinRE).
In which order should you perform the actions? (To answer, move all actions from the list of actions to the answer area and arrange them in the correct order.)
 
Answer:
 
Explanation:
Note:
– The Windows Assessment and Deployment Kit (Windows ADK) is a collection of tools and documentation that you can use to customize, assess, and deploy Windows operating systems to new computers.
– Walkthrough: Create a Custom Windows PE Image
Step 1: Set Up a Windows PE Build Environment
Step 2: Mount the Base Windows PE Image
Step 3: Add Boot-Critical Drivers
Step 4: Add Optional Components
Step 5: Add Language Support (Optional)
Step 6: Add More Customization (Optional)
Step 7: Commit Changes
– Walkthrough: Create a Windows RE Recovery Media
Step 1: Create a Windows RE Image
Step 2: Create a bootable media
Reference:
Walkthrough: Create a Custom Windows PE Image
Walkthrough: Create a Windows RE Recovery Media

QUESTION 84
You have 100 client Windows 8.1 computers.
Users are NOT configured as local administrators.
You need to prevent the users from running applications that they downloaded from the Internet, unless the applications are signed by a trusted publisher.
What should you configure in the Security settings from the Action Center?

A.    Virus protection
B.    User Account Control
C.    Windows SmartScreen settings
D.    Network Access Protection

Answer: C
Explanation:
http://windows.microsoft.com/en-ZA/internet-explorer/products/ie-9/features/smartscreen-filter
http://windows.microsoft.com/en-US/windows7/SmartScreen-Filter-frequently-asked-questions-IE9
http://technet.microsoft.com/en-us/network/bb545879.aspx
http://technet.microsoft.com/en-us/library/cc709691%28v=WS.10%29.aspx


2016 NEW 70-697 Exam Dumps PDF and 70-697 VCE Files 84q from Braindump2go: http://www.braindump2go.com/70-697.html