Our pass rate is high to 98.9% and the similarity percentage between our 70-685 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the Microsoft 70-685 exam in just one try? I am currently studying for the Microsoft 70-685 exam. Latest Microsoft 70-685 Test exam practice questions and answers, Try Microsoft 70-685 Brain Dumps First.

Q81. All client computers on your company network run Windows 7. The computers are members of a Windows Server 2008 R2 domain.

You need to ensure that data stored on removable drives is encrypted.

What should you do?



Software Environment

An existing GPO named AppLockdown applies to Windows 7 machines and uses AppLocker to ensure that:

   No .bat files are allowed to be run by users and rules are enforced

An existing GPO named RestrictApps applies to Windows XP client computers and uses a Software Restriction Policy to ensure that:

   No .bat files are allowed to be run by users and rules are enforced

Data Protection Environment

Some users at the Manufacturing site use EFS to encrypt data.

A user account named EFSAdmin has been designated as the Data Recovery Agent (DRA).

The DRA certificate and private key are stored on a portable USB hard drive.

As part of the yearly security compliance audits, a vendor is due to arrive at Tailspin Toys in a month to perform the yearly audit. To prepare for the audit, management has asked you to participate in an internal review of the company's existing security configurations related to network security and data security. The management team has issued the following requirements:

New software requirements

All installation programs must be digitally signed.

Minimum permissions must be granted for installation of programs.

Internet Explorer requirements

Users must not be able to bypass certificate warnings.

Users must not be able to add Internet Explorer add-ons unless the add-ons are approved by IT.

Data protection requirements

All portable storage devices must use a data encryption technology. 

The solution must meet the following requirements: 

Allow all users a minimum of read access to the encrypted data while working from their company client computers. Encrypt entire contents of portable storage devices. Minimize administrative overhead for users as files and folders are added to the portable storage devices.

Recovery information for client computer hard drives must be centrally stored and protected with data encryption.

Users at the Manufacturing site must have a secondary method of decrypting their existing files if they lose access to their certificate and private key or if the EFS Admin's certificate is not available.

You need to recommend a solution to ensure that a secondary method is available to users. The solution must not require accessing or altering the existing encrypted files before decrypting them.

What should you recommend that the users do?


Answer: B