We provide real 70-685 exam questions and answers braindumps in two formats. Download PDF & Practice Tests. Pass Microsoft 70-685 Exam quickly & easily. The 70-685 PDF type is available for reading and printing. You can print more and practice many times. With the help of our Microsoft 70-685 dumps pdf and vce product and material, you can easily pass the 70-685 exam.
Q11. A corporate environment includes 10,000 client computers running Windows 7 Enterprise. The client computers are joined to an Active Directory Domain Services (AD DS) domain named contoso.com. DNS is the preferred name-resolution protocol. There have been no recent changes to the DNS entries. WINS is not running in the environment. When most users attempt to connect to pc01.contoso.com from their client computers, the URL resolves to the incorrect IP address. The URL resolves correctly from only one client computer. On the client computers experiencing the issue, the HOSTS file does not include an entry for pc01.contoso.com. You need to recommend an approach for resolving pc01.contoso.com correctly from all client computers. What is the best approach to achieve the goal? (More than one answer choice may achieve the goal. Select the BEST answer.)
A. Run the ipconfig /flushdns command from the client computers experiencing the issue.
B. Add a pc01 entry pointing to the correct IP address to the LMHOSTS file on each of the client computers experiencing the issue.
C. Add a pc01.contoso.com entry pointing to the correct IP address to the HOSTS file on each of the client computers experiencing the issue.
D. Run the ipconfig /registerdns command from PC01.
Answer: C
Q12. All client computers on your company network run Windows 7. The computers are members of a Windows Server 2008 Active Directory Domain Services domain.
Malicious software is spreading automatically from removable drives.
You need to ensure that malicious software does not automatically run on the computers.
What should you do?
A. Disable the Windows Installer by using Domain Group Policy.
B. Disable the Autoplay function by using Domain Group Policy.
C. Disable the ActiveX installation policy by using Domain Group Policy.
D. Prevent the installation of unsigned drivers by using Domain Group Policy.
Answer: B
Q13. Your company has client computers that run Windows 7 and client computers that run Windows XP Professional.
You enable the Network Discovery feature on the Windows 7 computers.
You discover that the Windows XP computers do not appear on the network map.
You need to ensure that all client computers appear on the network map.
What should you do?
A. Configure the IPv6 protocol on the Windows 7 computers.
B. Configure the network shares on the Windows 7 computers to include the user names of all employees.
C. Configure the network shares on the Windows XP computers to include the user names of all employees.
D. Install the Link Layer Topology Discovery (LLTD) Responder on the Windows XP computers.
Answer: D
Q14. This is the first in a series of questions that all present the same scenario. For your convenience, the scenario is repeated in each question. Each presents a different goal and answer choices, but the text of the scenario is exactly the same in each in this series.
Topic 9, Wingtip Toys
Scenario:
You are an enterprise desktop support technician for Wingtip Toys. Wingtip Toys has two offices.
Active Directory Configuration
The network contains a single Active Directory domain. An Active Directory site exists for each office. The network contains the organizational units (OUs) that are shown in the following table:
The network contains an enterprise root certification authority (CA). Certificate autoenrollement is enabled for all users.
Network Configuration
Each office has a wireless network. You control access to the wireless network in office 1 by using Network Access Protection (NAP). A Group Policy object (GPO) named GPO1 configures the NAP settings for the computers in office 1.
Resource Access
The Documents folders of all users are encrypted by using Encrypting File System (EFS). The Documents folders of all users are backed up daily.
A Web server named Web1 hosts an internal Web site named WebSite1. Users connect to WebSite1 from the Internet by using the URL http://website1.wingtiptoys.com. The domain name website1.wingtiptoys.com is resolved by using the hosts file that is located on each client computer.
Users frequently work from home. Home users connect to the internal network by using SSTP- based VPN connections.
Line of Business Applications
Your company has a line-of-business application named App1. App1 is installed only on computers that run Windows XP. You test App1 by using the Microsoft Application Compatibility Toolkit (ACT). ACT reports that App1 can be made compatible to run on Windows 7.
You deploy App1 on a test Windows 7 computer and notice that it fails to run.
You need to ensure that App1 runs on Windows 7 computers.
What should you do?
A. Digitally sign App1.
B. Develop and deploy a shim for App1.
C. Configure an AppLocker policy.
D. Configure a Software Restriction Policy.
Answer: B
Q15. Users in the Sales Support team access a web application that uses AD DS for authentication.
Thirty days after their user accounts are created users cannot authenticate to run the application.
You need to ensure that the Sales Support team can continue to use the web application.
What should you do?
A. Modify the Account Expires options for the Sale Support team user accounts.
B. Instruct the users to reset their passwords by using OWA (Outlook Web Access).
C. Instruct the users to reset their passwords by using the Local Users and Groups snap-in.
D. Modify the Logon Hours options for the Sales Support team user accounts.
Answer: B
Q16. The help desk reports that several client computers in branch office 1 are missing security updates.
You need to identify which security updates are missing.
What should you request?
A. that a WSUS administrator generate a Computer Report from WSUS1
B. that a domain administrator run the Microsoft Baseline Security Analyzer (MBSA)
C. that a desktop support technician run a Windows Defender scan on each computer
D. that a desktop support technician generate a System Configuration report for each computer
Answer: B
Q17. This is the first in a series of questions that all present the same scenario. For your convenience, the scenario is repeated in each question. Each presents a different goal and answer choices, but the text of the scenario is exactly the same in each in this series.
Topic 7, Contoso, Ltd.
Scenario:
You are an enterprise desktop support technician for Contoso, Ltd.
IP Addressing
Contoso has one office. The IP addressing for Contoso is configured as shown in the following table:
A year ago, a Windows Server 2008 R2 VPN server was deployed. Ten sales users participated in a pilot project to test the new VPN. The pilot project lasted two months. After the pilot project, the VPN server was put into production. The VPN server allows L2TP/IPSec-based VPN connections only. The VPN server requires certificate authentication.
Printer Configuration
Network printers are located in a single room on each floor. Users can search Active Directory to find printers that are nearby. Print1 is the print server for all printers.
Client Computer Configuration
Most users have desktop computers. Several users in the sales and management departments have portable computers because they travel frequently. All client computers run Windows 7 Enterprise.
The Windows Internet Explorer proxy settings are configured on all client computers by using a GPO named GPO-IE. GPO-IE is linked to the domain.
All users in the company use a custom application named App1. App1 is manually installed on all client computers. A new version of App1 is available. Some features in the new version of App1 are incompatible with the previous version of App1.
The help desk reports that several users use the previous version of App1, which causes some data to become corrupt.
You need to recommend a solution to prevent all users from using the previous version of App1.
What should you recommend?
A. that a domain administrator create a GPO linked to the domain and configure AppLocker settings in the GPO
B. that a domain administrator create a GPO linked to the domain and configure Software Installation settings in the GPO
C. that the new version of App1 be added to the Data Execution Prevention (DEP) settings on each client computer
D. that the previous version of App1 be added to the Data Execution Prevention (DEP) settings on each client computer
Answer: A
Q18. Remote users report that after they renew their smart card certificates, they are unable to log on to their computers by using their smart cards.
You need to ensure that users can log on by using their smart cards.
What should you instruct the users to do?
A. Change their smart card PINs.
B. Request a new smart card certificate.
C. Log on by using their user names and passwords, and then lock and unlock their computers.
D. Establish a VPN connection from the logon screen and use their smart cards for authentication.
Answer: D
Q19. The help desk reports that they receive many calls from remote users who cannot access Internet Web sites while they are connected to the VPN. The help desk instructs the users to manually configure the VPN connection so that the users can access Internet Web sites while connected to the VPN.
You need to provide a recommendation to reduce the number of calls to the help desk regarding this issue.
What should you recommend?
A. Deploy a Network Policy Server (NPS).
B. Replace the SSTP-based VPN with a PPTP-based VPN.
C. Issue computer certificates from a trusted root certification authority (CA) to all remote users.
D. Create and distribute Connection Manager Administration Kit (CMAK) profiles to all remote users.
Answer: D
Q20. All client computers on your company network run Windows 7 and are members of an Active Directory Domain Services domain.
Employees using portable computers report that they get connected to a coffee shop wireless network from the company conference room.
You need to ensure that the employees connect to the company wireless network by default from anywhere within the company premises.
What should you do?
A. Configure the Network authentication (Shared mode) setting.
B. Apply a Wireless Network Policy to set the network type to WPA-PSK.
C. Apply a Wireless Network Policy to automatically connect to the company wireless network.
D. Apply a Wireless Network Policy to set the company wireless network as the preferred network.
Answer: D