Cause all that matters here is passing the Microsoft 70-685 exam. Cause all that you need is a high score of 70-685 Pro: Windows 7, Enterprise Desktop Support Technician exam. The only one thing you need to do is downloading Pass4sure 70-685 exam study guides now. We will not let you down with our money-back guarantee.

Q76. Members of the Sales Support team must contact the help desk to have their AD DS user accounts unlocked.

You need to recommend a solution to ensure that user accounts for members of the Sales Support team are automatically unlocked 10 minutes after becoming locked.

What should you recommend?

A. Create a new Group Policy object with a different account lockout policy and link it to the domain.

B. Modify the Unlock Account options for the members of the Sales security group.

C. Create a fine-grained password policy with a different account lockout policy and apply it to the Sales security group.

D. Modify the Account Properties Options properties for the members of the Sales security group.

Answer: C


Q77. Users access a third-party Web site.

The Web site is updated to use Microsoft Silverlight.

After the update, the help desk receives a high volume of phone calls from users who report that the Web site fails to function.

You need to ensure that the Web site functions properly for the users.

What should you do?

A. Modify the Windows Internet Explorer AJAX settings by using a Group Policy object (GPO).

B. Modify the Windows Internet Explorer add-ons settings by using a Group Policy object(GPO).

C. Add the Web site to the Windows Internet Explorer Compatibility View list by using a Group Policy object (GPO).

D. Add the Web site to the Windows Internet Explorer Restricted sites by using a Group Policy object (GPO).

Answer: B


Q78. All client computers on your company network run Windows 7 and are members of an Active Directory Domain Services domain.

AppLocker is configured to allow only approved applications to run.

Employees with standard user account permissions are able to run applications that install into the user profile folder.

You need to prevent standard users from running unauthorized applications.

What should you do?

A. Create Executable Rules by selecting the Create Default Rules option.

B. Create Windows Installer Rules by selecting the Create Default Rules option.

C. Create the following Windows Installer Rule:

Deny Everyone - %OSDRIVE%\Users\<user name>\Downloads\*

D. Create the following Executable Rule:

Deny - Everyone - %OSDRIVE%\Users\<user name>\Documents\*

Answer: A


Q79. A company has computers running the 64-bit version of Windows 7 Enterprise. All computers are joined to an Active Directory Domain Services (AD DS) domain. All users are part of the local Administrators group.

A user is trying to install a legacy 32-bit application that requires administrative permissions to install. The user reports that the inst.exe installer does not run. Instead, it shows an "access denied" error message and closes. The user does not see a prompt to grant the application permission to make changes to the computer.

You need to ensure that inst.exeruns successfully and can install the application.

What should you do? (Choose all that apply.)

A. Run Disk Defragmenteron the hard disk and then run inst.exe.

B. Modify the properties for inst.exeto run as Administrator.

C. Run the Troubleshoot compatibility wizard for inst.exe.

D. Enable the Administrator account, log on, and then run inst.exe.

E. Advise the user that inst.exe cannot be installed on this system because it is not compatible with 64-bit operating systems.

F. Advise the user that inst.exe cannot be installed on this system because it is not compatible with Windows 7.

Answer: BCD


Q80. A corporate environment includes client computers running Windows 7 Enterprise. Remote access to the corporate network utilizes Network Access Protection (NAP) and DirectAccess.

You need to recommend an approach for providing support technicians with the ability to easily determine the cause of client-side remote access issues.

What is the best approach to achieve the goal? (More than one answer choice may achieve the goal. Select the BEST answer.)

A. Run network tracing for DirectAccess on client computers.

B. Grant the support technicians access to the DirectAccess Management Console.

C. Deploy the DirectAccess Connectivity Assistant (DCA) to client computers.

D. Run Windows Network Diagnostics on client computers.

Answer: D


Q81. Portable computer users report that they can use Internet Explorer to browse Internet Web sites only when they are connected to the company network.

You need to ensure that portable computer users can access Internet Web sites from wherever they connect.

What should you do?

A. Instruct the users to configure static IPv4 settings.

B. Instruct the users to configure automatic IPv4 settings.

C. Request that a domain administrator link GPO-IE to Active Directory site objects.

D. Request that a domain administrator create a new GPO that modifies the Internet Explorer Maintenance settings, and then link the new GPO to the Users OUs.

Answer: C


Q82. Five users from the main office travel to the branch office. The users bring their portable computers.

The help desk reports that the users are unable to access any network resources from the branch office.

Branch office users can access the network resources.

You need to ensure that the main office users can access all network resources by using their portable computers in the branch office. The solution must adhere to the corporate security guidelines.

What should you instruct the help desk to do on the portable computers?

A. Create a new VPN connection.

B. Add the users to the local Administrators group.

C. Add the users to the Network Configuration Operators group.

D. Configure the alternate configuration for the local area connection.

Answer: D


Q83. You have a development network that you use for testing purposes. The development network contains an Active Directory domain.

Users have computers that run Windows 7. The users have several virtual machines that run Windows 7. The virtual machines are joined to Active Directory.

Several users report that when they discard changes on the virtual machines, and then attempt to log on to the machines, they sometimes receive the following error message:

You need to prevent this error from recurring.

What should you do?

A. Create a Password Setting object (PSO) in Active Directory.

B. Modify the security settings by using a Group Policy object (GPO).

C. On the virtual machines, create a password reset disk.

D. On the virtual machines, modify the User Account Control (UAC) settings.

Answer: B


Q84. VPN users report that they cannot access shared resources in the branch offices. They can access shared resources in the main office.

Users in the main office report that they can access shared resources in the branch offices.

You need to ensure that the VPN users can access shared resources in the branch offices.

What should you request?

A. that a change be made to the routing table on VPN1

B. that VPN1 be configured to support PPTP-based VPN connections

C. that the routers between the main office and the branch offices be reconfigured

D. that a DNS record for servers in the branch offices be added to the Internet DNS zone for fourthcoffee.com

Answer: A


Q85. All client computers on your company network were recently upgraded from Windows Vista to windows 7.

Several employees use a scanner to import document images into a database. They install a new scanning application on their computers. The application updates the device driver for the scanners as part of the installation process.

Employees report that the application can no longer connect to the scanner.

You need to ensure that the employees can use the scanner.

What should you do?

A. Roll back the device driver to the previous version.

B. Reinstall the application in Windows Vista compatibility mode.

C. Set the application compatibility properties to run the application as an administrator.

D. Restart the computer by using the System Configuration tool to load only basic devices and services.

Answer: A


Q86. This is the first in a series of questions that all present the same scenario. For your convenience, the scenario is repeated in each question. Each presents a different goal and answer choices, but the text of the scenario is exactly the same in each in this series.

Topic 1, Consolidated Messenger

Scenario:

You are an enterprise desktop support technician for Consolidated Messenger.

Network Configuration

The company has three offices named Office1, Office2, and Office3. The offices connect to each other over the Internet by using VPN connections. Each office has an 802.11g wireless access point. All wireless access points are configured to use Radius01 for authentication.

Active Directory Configuration

The network contains one Active Directory domain named consolidatedmessenger.com. The relevant organizational unit structure is shown in the following diagram:

Client Configuration

Each office has 500 desktop computers that run Windows 7 Enterprise.

There are 250 mobile users that travel regularly between all three offices. The mobile users have laptop computers that run Windows 7 Enterprise.

To prevent the spread of malware, the company restricts the use of USB devices and only allows the use of approved USB storage devices.

Printers

The marketing group has several printers that are shared on File01. A shared printer name Printer1 is a high-performance, black-and-white printer. A shared printer named Printer2 is a high-definition, photo-quality, color printer. Printer2 should only be used to print marketing brochures.

The chief financial officer (CFO) releases new guidelines that specify that only users from Finance are allowed to run FinanceApp1.

Users in the Marketing OU report that they can run FinanceApp1.

You need to ensure that only users in the Finance OU can run FinanceApp1.

What should you do?

A. In the AllComputers GPO, create a new AppLocker executable rule.

B. In the Desktops GPO and the Laptops GPO, create a new Windows Installer rule.

C. In the AllComputers GPO, create a software restriction policy and define a new hash rule.

D. In the Desktops GPO and the Laptops GPO, create a software restriction policy and define a new path rule.

Answer: A


Q87. A corporate environment includes client computers running Windows 7 Enterprise. The client computers are joined to an Active Directory Domain Services (AD DS) domain. A member server named SERVER01 hosts shared folders and a website. DNS is the primary name-resolution protocol in use. There have been no recent changes to the DNS entries.

The user of a client computer named PC01 can access the shared folders, but cannot access the website by using Windows Internet Explorer. Users of other client computers can access the shared folders and the website.

You need to recommend an approach for ensuring that the user can access the website from PC01.

What is the best approach to achieve the goal? (More than one answer choice may achieve the goal. Select the BEST answer.)

A. Clear the proxy server setting from Internet Explorer on PC01.

B. Run the ipconfig /registerdns command from SERVER01.

C. Run the ipconfig /flushdns command from PC01.

D. Restart the World Wide Web Publishing service on SERVER01.

Answer: C


Q88. All client computers on your company network run Windows 7. All servers in your company run Windows Server 2008 R2. Employees use a VPN connection to connect to the company network from a remote location.

Employees remain connected to the VPN server to browse the Internet for personal use.

You need to ensure that employees are unable to use the VPN connection for personal use.

What should you do?

A. Configure the VPN connection to append a connection-specific DNS suffix.

B. Configure the VPN connection to use machine certificates for authentication.

C. Use Group Policy to disable the Use default gateway on remote network setting on each client computer.

D. Use Group Policy to configure the firewall on each computer to block outgoing connections when using the VPN connection.

Answer: C


Q89. All client computers on your company network run Windows 7.

The preview displayed in the Content view of Windows Explorer and the Search box is considered a security risk by your company.

You need to ensure that documents cannot be previewed in the Content view.

What should you do?

A. Change the Windows Explorer view to the List view and disable all Search indexes.

B. Set Group Policy to enable the Remove See More Results/Search Everywhere link setting.

C. Set Group Policy to enable the Turn off the display of snippets in Content view mode setting.

D. Set Group Policy to enable the Turn off display of recent search entries in the Windows Explorer search box setting.

Answer: C


Q90. A corporate environment includes client computers running Windows 7 Enterprise. The hard drives of all client computers are encrypted by using Windows BitLocker Drive Encryption. The operating system of a client computer is not found. You are unable to repair the operating system. You need to recommend an approach for salvaging data from the client computer. What is the best approach to achieve the goal? (More than one answer choice may achieve the goal. Select the BEST answer.)

A. Use the BitLocker Active Directory Recovery Password Viewer.

B. Use the BitLocker Drive Encryption Recovery Console.

C. Use a data recovery agent.

D. Use the BitLocker Repair Tool.

Answer: D