Validated 70-742 Study Guides 2021

Cause all that matters here is passing exam with . Cause all that you need is a high score of . The only one thing you need to do is downloading free now. We will not let you down with our money-back guarantee.

Check 70-742 free dumps before getting the full version:

NEW QUESTION 1
Your network contains an Active Directory domain named contoso.com.
You have an application named App1 that is deployed to all the client computers in the domain. App1 writes a registry value named LocalStorage on all the client computers.
You need to delete the LocalStorage registry value from all the client computers in the domain that have less than 100 GB of free disk space on their system volume.
What should you do?

  • A. Configure Software Settings in a Group Policy object (GPO) and enable a WMI filter.
  • B. Configure a Group Policy setting to modify the security of the LocalStorage registry value.
  • C. Create an administrative template file that contains the LocalStorage registry setting, and then add the administrative template to a Group Policy object (GPO).
  • D. Configure a Group Policy preference that uses item-level targeting.

Answer: D

Explanation: In Windows Server 2008 Microsoft introduced a Group Policy extension, named Group Policy Preferences (GPP). GPP that includes registry settings, allows you to add, remove or modify key values.
References: https://theitbros.com/add-modify-and-delete-registry-keys-using-group-policy/

NEW QUESTION 2
Your network contains an Active Directory domain named contoso.com. The domain contains a Group Policy object (GPO) named GPO1.
You configure the Internet Settings preference in GPO1 as shown in the exhibit. (Click the Exhibit button.)
70-742 dumps exhibit
A user reports that the homepage of Internet Explorer is not set to http://www.contoso.com. You confirm that the other settings in GPO1 are applied.
You need to configure GPO1 to set the Internet Explorer homepage. What should you do?

  • A. Edit the GPO1 preference and press F5.
  • B. Modify Security Settings for GPO1.
  • C. Modify WMI Filtering for GPO1.
  • D. Modify the GPO1 preference to use item-level targeting.

Answer: A

Explanation: The red dotted line under the homepage URL means that setting is disabled. Pressing F5 enables all settings.

NEW QUESTION 3
You network contains an Active Directory domain named contoso.com. The domain contains 1,000 desktop computers and 500 laptops. An organizational unit (OU) named OU1 contains the computer accounts for the desktop computers and the laptops.
You create a Windows PowerShell script named Script1.ps1 that removes temporary files and cookies. You create a Group Policy object (GPO) named GPO1 and link GPO1 to OU1.
You need to run the script once weekly only on the laptops. What should you do?

  • A. In GPO1, create a File preference that uses item-level targeting.
  • B. In GPO1, create a Scheduled Tasks preference that uses item-level targeting.
  • C. In GPO1, configure the File System security polic
  • D. Attach a WMI filter to GPO1.
  • E. In GPO1, add Script1.ps1 as a startup scrip
  • F. Attach a WMI filter to GPO1.

Answer: B

NEW QUESTION 4
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You deploy a new Active Directory forest.
You need to ensure that you can create a group Managed Service Account (gMSA) for multiple member
servers.
Solution: From Windows PowerShell on a domain controller, you run the Add-KdsRootKey cmdlet.
Does this meet the goal?

  • A. Yes
  • B. No

Answer: A

NEW QUESTION 5
Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.
Start of repeated scenario.
Your network contains an Active Directory domain named contoso.com. The domain contains a single site named Site1. All computers are in Site1.
The Group Policy objects (GPOs) for the domain are configured as shown in the exhibit. (Click the Exhibit button.)
70-742 dumps exhibit
The relevant users and client computer in the domain are configured as shown in the following table.
70-742 dumps exhibit
End of repeated scenario.
Which five GPOs will apply to User1 in sequence when the user signs in to Computer1? To answer, move the appropriate GPOs from the list to the answer area and arrange them in the correct order.
70-742 dumps exhibit

    Answer:

    Explanation: 70-742 dumps exhibit

    NEW QUESTION 6
    Your network contains an Active Directory domain named contoso.com. The domain contains a username User1, a group named Group1, and an organizational unit (OU) named OU1.
    You need to enable User1 to link Group Policies to OU1.
    Solution: From Active Directory Administrative Center, you add User1 to Group1. From ADSI Edit, you grant Group1 Full Control permissions to the “CN=Policies, CN=System, DC=Contoso, DC=com” object.
    Does this meet the goal?

    • A. Yes
    • B. NO

    Answer: B

    NEW QUESTION 7
    Your network contains an Active Directory domain named contoso.com.
    You have an organizational unit (OU) named OU1 that contains the computer accounts of two servers and the user account of a user named User1. A Group Policy object (GPO) named GPO1 is linked to OU1.
    You have an application named App1 that installs by using an application installer named App1.exe. You need to publish App1 to OU1 by using Group Policy.
    What should you do?

    • A. Create a Config.zap file and add a file to the File System node to the Computer Configuration node of GPO1.
    • B. Create a Config.xml file and add a software installation package to the User Configuration node of GPO1.
    • C. Create a Config.zap file and add a software installation package to the User Configuration node of GPO1.
    • D. Create a Config.xml file and add a software installation package to the Computer Configuration node of GPO1.

    Answer: C

    NEW QUESTION 8
    Your network contains an Active Directory forest. The forest contains a domain named contoso.com. The domain contains three domain controllers.
    A domain controller named lon-dc1 fails. You are unable to repair lon-dc1.
    You need to prevent the other domain controllers from attempting to replicate to lon-dc1.
    Solution: From Active Directory Sites and Trusts, you transfer the operations master roles from lon-dc1. Does this meet the goal?

    • A. Yes
    • B. NO

    Answer: B

    NEW QUESTION 9
    Your network contains an Active Directory domain named contoso.com. The domain functional level is Windows Server 2012 R2.
    You need to secure several high-privilege user accounts to meet the following requirements: What should you do?

    • A. Create a universal security group for the user accounts and modify the Security settings of the group.
    • B. Add the users to the Windows Authorization Access Group group.
    • C. Add the user to the Protected Users group.
    • D. Create a separate organizational unit (OU) for the user accounts and modify the Security settings of the OU.

    Answer: C

    NEW QUESTION 10
    Your network contains an Active Directory domain named contoso.com. The domain contains a user named User1, a group named Group1, and an Organizational unit (OU) named OU1.
    You need to enable User1 to link Group Policies to OU1.
    Solution: From Active Directory Users and Computers, you add User1 to the Group Policy Creator Owner group.
    Does this meet the goal?

    • A. Yes
    • B. No

    Answer: B

    NEW QUESTION 11
    Your network contains an Active Directory forest. The forest contains two domain controllers named DC1 and DC2 that run Windows Server 2021. DC1 holds all of the operations master roles.
    DC1 experiences a hardware failure.
    You plan to use an automated process that will create 1,000 user accounts. You need to ensure that the automated process can complete successfully.
    Which command should you run? To answer, select the appropriate options in the answer area.
    70-742 dumps exhibit

      Answer:

      Explanation: Box 1: Move-ADDirectoryServerOperationMasterRole
      Box 2: RIDMaster
      Box 3: -Force

      NEW QUESTION 12
      Note: This question is part of a series of questions that use the same or similar answer choice. An answer choice may be correct for more than one question in the series. Each question is Independent of the other questions in this series. Information and details provided in a question apply only to that question.
      Your network contains an Active Directory domain named contoso.com. The domain functional level is Windows Server 2012 R2.
      Your company hires 3 new security administrators to manage sensitive user data. You create a user account named Secunty1 for the security administrator.
      You need to ensure that the password for Secunty1 has at least 12 characters and is modified every 10 days. The solution must apply to Security 1 only.
      Which tool should you use?

      • A. Dsadd quota
      • B. Dsmod
      • C. Active Directory Administrative Center
      • D. Dsacis
      • E. Dsamain

      Answer: C

      Explanation: Using Fine-Grained Password Policies you specify multiple password policies in a single domain and apply different restrictions for password and account lockout policies to different sets of users in a domain. You can apply stricter settings to privileged accounts and less strict settings to the accounts of other users.To enable Fine-Grained Password Policies (FGPP), you need to open the Active Directory Administrative Center (ADAC)https://blogs.technet.microsoft.com/canitpro/2013/05/29/step-by-step-enabling-and-using-fine-grained-

      NEW QUESTION 13
      A technician named Tech1 is assigned the task of joining the laptops to the domain. The computer accounts of each laptop must be in an organizational unit (OU) that is associated to the department of the user who will use that laptop. The laptop names must start with four characters indicating the department followed by a four-digit number
      Tech1 is a member of the Domain Users group only. Tech1 has the administrator logon credentials for all the laptops.
      You need Tech1 to join the laptops to the domain. The solution must ensure that the laptops are named correctly, and that the computer accounts of the laptops are in the correct OUs.
      Solution: You instruct Tech1 to sign in to each laptop, to rename each laptop by using System in Control Panel, and then to join each laptop to the domain by using the Netdom join command.
      Does this meet the goal?

      • A. Yes
      • B. No

      Answer: A

      NEW QUESTION 14
      Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2021.
      On Server1, you create a local user named User1. User1 is a member of the local Administrators group. Server1 has the following local Group Policies: K
      • Local Computer Policy
      • Local ComputerUser1Policy
      • Local ComputerAdministrators Policy
      You need to force User1 to change his password every 14 days. Solution: You create a Password Setting object (PSO) in the domain.

      • A. Yes
      • B. No

      Answer: B

      NEW QUESTION 15
      You have a server named Server1 that runs Windows Server 2021. Server1 has the Web Application Proxy role service installed.
      You need to publish Microsoft Exchange Server 2013 services through the Web Application Proxy. The solution must use preauthentication whenever possible.
      How should you configure the preauthentication method for each service? To answer, select the appropriate options in the answer area.
      70-742 dumps exhibit

        Answer:

        Explanation: Box 1: Pass-through
        Box 2: Active Directory Federation Services (ADFS) Box 3: Pass-through
        The following table describes the Exchange services that you can publish through Web Application Proxy and the supported preauthentication for these services:
        70-742 dumps exhibit
        References: https://technet.microsoft.com/en-us/library/dn528827(v=ws.11).aspx

        NEW QUESTION 16
        Your company has a marketing department and a security department.
        The network contains an Active Directory domain named contoso.com. The domain contains an enterprise certification authority (CA).
        You have two organizational units (OUs) named MKT_UsersOU and MKT_ComputersOU. MKT_UsersOU contains the user accounts for the users in the marketing department. MKT_ComputersOU contains the computer accounts for the computers in the marketing department.
        A Group policy object (GPO) named GPO1 is linked to MKT_UsersOU. A GPO named GPO2 linked to MKT_ComputersOU.
        You plan to deploy a web application for the marketing department users. The application will require certificates for authentication.
        The security department configures the CA to support the planned deployment.
        You need to ensure that the web application can authenticate the marketing department users. What should you do?

        • A. From the User Configuration node of GPO1, create an Internet Setting preference.
        • B. From the User Configuration node of GPO1, configure the Certificate Services Client - Auto enrollment settings.
        • C. From the Computer Configuration node of GPO2, configure the Certificate Services Client - Certificate Enrollment Policy settings.
        • D. From the Computer Configuration node of GPO2, create the Automatic Certificate Request Settings.

        Answer: A

        NEW QUESTION 17
        Your network contains an Active Directory domain named contoso.com.
        The domain contains an enterprise root certification authority (CA) on a server that runs Windows Server 2021.
        You need to configure the CA to support Online Certificate Status Protocol (OCSP) responders. Which two actions should you perform? Each correct selection presents part of the solution. NOTE: Each correct selection is worth one point.

        • A. Add a new certificate template to issue.
        • B. Modify the Authority Information Access (AIA) of the CA.
        • C. Configure an enrollment agent.
        • D. Install a standalone subordinate CA.
        • E. Modify the CRL distribution point (CDP) of the CA.

        Answer: AB

        Explanation: Once the OCSP service is configured, we need to configure the OCSP Response Signing template. This process includes adding an Authority Information Access (AIA) extension and then issuing a new certificate template.
        References:
        https://www.poweradmin.com/blog/deploying-active-directory-certificate-services-and-online-responder/

        NEW QUESTION 18
        Note: This question is part of a series of questions that use the same scenario. For you convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.
        Start of repeated scenario.
        You work for a company named Contoso, Ltd.
        The network contains an Active Directory forest named contoso.com. A forest trust exists between contoso.com and an Active Directory forest named adatum.com.
        The contoso.com forest contains the objects configured as shown in the following table.
        70-742 dumps exhibit
        Group1 and Group2 contain only user accounts.
        Contoso hires a new remote user named User3. User3 will work from home and will use a computer named Computer3 that runs Windows 10. Computer3 is currently in a workgroup.
        An administrator named Admin1 is a member of the Domain Admins group in the contoso.com domain. From Active Directory Users and Computers, you create an organizational unit (OU) named OU1 in the
        contoso.com domain, and then you create a contact named Contact1 in OU1.
        An administrator of the adatum.com domain runs the Set-ADUser cmdlet to configure a user named User1 to have a user logon name of User1@litwareinc.com.
        End of repeated scenario.
        You need to ensure that User2 can add Group4 as a member of Group5. What should you modify?

        • A. the group scope of Group5
        • B. the Managed By settings of Group4
        • C. the group scope of Group4
        • D. the Managed By settings of Group5

        Answer: D

        NEW QUESTION 19
        Your network contains an Active Directory domain named contoso.com. The domain contains an administrative workstation named WKS1 that runs Windows 10.
        You have a Group Policy object (GPO) named GPO1.
        You download a custom administrative template that contains the following files:
        You need to ensure that you can configure GPO1 by using the settings in the new administrative template. To where should you copy each file? To answer, select the appropriate options in the answer area.
        NOTE: Each correct selection is worth one point.
        70-742 dumps exhibit

          Answer:

          Explanation: References:
          https://support.microsoft.com/en-us/help/918239/how-to-write-custom-adm-and-admx-administrative-template-f

          Recommend!! Get the Full 70-742 dumps in VCE and PDF From 2passeasy, Welcome to Download: https://www.2passeasy.com/dumps/70-742/ (New 222 Q&As Version)