[Free] 2018(June) Ensurepass Microsoft 70-687 Dumps with VCE and PDF 41-50

Ensurepass.com : Ensure you pass the IT Exams
2018 May Microsoft Official New Released 70-687
100% Free Download! 100% Pass Guaranteed!

Configuring Windows 8.1

Question No: 41 – (Topic 1)

An organization has client computers that run Windows 7.

You install the Windows Assessment and Deployment Kit (ADK) in the environment.

You capture user settings and data files to a network share, and then perform a clean installation of Windows 8.1 on the client computers.

You need to apply the user profiles from the Windows 7 installation to the Windows 8.1 installation.

What should you do?

  1. Run the Ioadstate command.

  2. Copy the Default Profile to a folder on drive C.

  3. Run the scanstate command.

  4. Run Windows Easy Transfer and select the user profile to migrate.

  5. Run the ImageX command

Answer: A

Explanation: http://4sysops.com/archives/windows-8-migration-user-data-and-settings/ Windows 8 migration – User data and settings

User State Migration Tools (USMT)

You can extract the USMT tools from the Windows ADK.

USMT is revised to version 5.0 for Windows Server 2012 and Windows 8, and consists of the following three programs:

Scanstate.exe: This tool performs the user state backup Loadstate.exe: This tool performs the user state restore

Usmtutils.exe: This tool enables you to verify compressed migration store files as well as extract contents from them

Question No: 42 – (Topic 1)

A company has client computers that run Windows 8.1. Finance department employees store files in the C:\Finance directory. File History is on.

A Finance department employee attempts to restore a file to a previous version by using File History. The file is not available to restore.

You need to establish why the file history is not available and ensure that it is available in the future.

Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

  1. Review the File History backup log.

  2. Move the file into a library.

  3. Restore the data files from the Previous Versions tab located in the folder properties.

  4. Set the Protection Settings for drive C to On.

Answer: A,B Explanation:

http://blogs.windows.com/windows/b/extremewindows/archive/2012/12/20/a-new-way-to- backup-file-history-in-windows-8.aspx

File History only backs up data in libraries, favorites, desktop, and contacts and must use a non-system drive for backup.

Since File History is already on we can assume the drive doesn#39;t need to be changed. So we should review the log and move the file to a library.

Ensurepass 2018 PDF and VCE

Ensurepass 2018 PDF and VCE

Question No: 43 – (Topic 1)

A company has client computers that run Windows 8.1. The client computer systems frequently use IPSec tunnels to securely transmit data.

You need to configure the IPSec tunnels to use 256-bit encryption keys. Which encryption type should you use?

  1. 3DES

  2. DES

  3. RSA

  4. AES

Answer: D

Explanation: http://technet.microsoft.com/en-us/library/dd125356(v=ws.10).aspx Descriptions of the IPsec Algorithms and Methods

Encryption algorithms

Data encryption algorithms are used to provide confidentiality to the data payload of an IPsec-protected network packet. Encryption algorithms can be very computationally intensive and can significantly impact computer performance. We recommend that you only encrypt network traffic that requires encryption. If you find that encryption impacts performance more than expected, consider using a network adapter that supports IPsec task offload.

DES

DES is a block cipher encryption protocol that uses a 56-bit key and is documented in Federal Information Processing Standards Publication 46-3 (http://go.microsoft.com/fwlink/?linkid=128014). A block cipher is an encryption algorithm that operates on a fixed size block of data. DES encrypts data in 64-bit blocks using a 64- bit key. The key appears to be a 64-bit key, but one bit in each of the 8 bytes is used for error checking, resulting in 56 bits of usable key.

3DES

Triple-DES or 3DES is an encryption protocol that provides stronger encryption than DES. It is documented in Federal Information Processing Standards Publication 46-3 (http://go.microsoft.com/fwlink/?linkid=128014). 3DES is a block cipher that uses a three- step encryption process that is more secure than DES. A block cipher is an encryption algorithm that operates on a fixed size block of data.

AES-CBC 128, 192, and 256

The AES in Cipher Block Chaining mode (AES-CBC) encryption algorithms are part of the NSA “Suite B” and are documented in RFC 3602 (http://go.microsoft.com/fwlink/?linkid=127990). AES is documented in Federal Information Processing Standards Publication 197 (http://go.microsoft.com/fwlink/?linkid=127986). The AES algorithm is a symmetric block cipher that can encrypt and decrypt information in data blocks of 128 bits, using cipher keys with lengths of 128, 192, and 256 bits. Longer key lengths provide better security at the cost of CPU performance due to the more intensive computational requirements. Cipher block chaining (CBC) is used to hide patterns of identical blocks of data within a packet. An initialization vector (an initial random number) is used as the first random block to encrypt and decrypt a block of data. Different random blocks are used in conjunction with the secret key to encrypt each successive block. This ensures that identical sets of unsecured data (plaintext) result in unique, encrypted data blocks.

AES-GCM 128, 192, and 256

AES-GCM is both an integrity and encryption algorithm and is described in the Integrity algorithms section.

Question No: 44 – (Topic 1)

A company has client computers that run Windows 8.1. The company uses Windows BitLocker Drive Encryption with the data-only option o all client computers.

You need to remove data fragments that exist in the free space on the local computer disk drives, without affecting current user data.

Which command should you run on the computers?

  1. BdeHdCfg

  2. diskpart

  3. chkdsk

  4. manage-bde

Answer: D Explanation:

http://technet.microsoft.com/en-us/library/jj647761.aspx

Manage-bde -WipeFreeSpace|-w [lt;Drivegt;] [-Cancel] [-computernamelt;Namegt;] [{-?|/?}] [{- help|-h}]

Wipes the free space on the volume removing any data fragments that may have existed in the space. Running this command on a volume that was encrypted using the “Used Space Only” encryption method provides the same level of protection as the “Full Volume Encryption” encryption method.

http://technet.microsoft.com/en-us/library/ff829850.aspx Bdehdcfg

Prepares a hard drive with the partitions necessary for BitLocker Drive Encryption

Question No: 45 – (Topic 1)

A company has an Active Directory Domain Services (AD DS) domain. All client computers run Windows 8.1.

You need to minimize the amount of Trusted Platform Module (TPM) authorization information that is stored in the registry.

What should you do?

  1. Enable Platform Configuration Register indices (PCRs) 0, 2, 4, and 11 for the Configure TPM validation profile for native UEFI firmware configuration policy setting.

  2. Create a Group Policy object (GPO) that disables the Configure the level of TPM owner authorization information available to operating system policy setting.

  3. Create a Group Policy object (GPO) that sets the Configure the level of TPM owner authorization information available to operating system policy setting to None.

  4. Create a Group Policy object (GPO) that enables the Turn on TPM Local Encryption policy setting.

Answer: C Explanation:

http://technet.microsoft.com/en-us/library/jj679889.aspx#BKMK_tpmgp_oauthos

Configure the level of TPM owner authorization information available to the operating system

This policy setting configures how much of the TPM owner authorization information is stored in the registry of the local computer. Depending on the amount of TPM owner authorization information that is stored locally, the Windows operating system and TPM- based applications can perform certain actions in the TPM that require TPM owner authorization without requiring the user to enter the TPM owner password.

There are three TPM owner authentication settings that are managed by the Windows operating system. You can choose a value of Full, Delegate, or None.

Full – This setting stores the full TPM owner authorization, the TPM administrative delegation blob, and the TPM user delegation blob in the local registry. With this setting, you can use the TPM without requiring remote or external storage of the TPM owner authorization value. This setting is appropriate for scenarios that do not require you to reset the TPM anti-hammering logic or change the TPM owner authorization value. Some TPM- based applications may require that this setting is changed before features that depend on the TPM anti-hammering logic can be used.

Delegated – This setting stores only the TPM administrative delegation blob and the TPM user delegation blob in the local registry. This setting is appropriate for use with TPM- based applications that depend on the TPM antihammering logic. When you use this setting, we recommend using external or remote storage for the full TPM owner authorization value-for example, backing up the value in Active Directory Domain Services (AD DS).

None – This setting provides compatibility with previous operating systems and applications. You can also use it for scenarios when TPM owner authorization cannot be stored locally. Using this setting might cause issues with some TPM-based applications.

Further Information:

http://technet.microsoft.com/en-us/library/cc770660.aspx

Active Directory Domain Services (AD DS) can be used to store Trusted Platform Module (TPM) recovery information.

There is only one TPM owner password per computer; therefore, the hash of the TPM owner password is stored as an attribute of the computer object in AD DS. The attribute has the common name (CN) of ms-TPM-OwnerInformation.

http://www.group-policy.com/ref/policy/2859/Configure_TPM_platform_validation_profile Configure TPM platform validation profile

This policy setting allows you to configure how the computer#39;s Trusted Platform Module

(TPM) security hardware secures the BitLocker encryption key. This policy setting does not apply if the computer does not have a compatible TPM or if BitLocker has already been turned on with TPM protection.

If you enable this policy setting before turning on BitLocker, you can configure the boot components that the TPM will validate before unlocking access to the BitLocker-encrypted operating system drive. If any of these components change while BitLocker protection is in effect, the TPM will not release the encryption key to unlock the drive and the computer will instead display the BitLocker Recovery console and require that either the recovery password or recovery key be provided to unlock the drive.

If you disable or do not configure this policy setting, the TPM uses the default platform validation profile or the platform validation profile specified by the setup script. A platform validation profile consists of a set of Platform Configuration Register (PCR) indices ranging from 0 to 23, The default platform validation profile secures the encryption key against changes to the Core Root of Trust of Measurement (CRTM), BIOS, and Platform Extensions (PCR 0), the Option ROM Code (PCR 2), the Master Boot Record (MBR) Code (PCR 4), the NTFS Boot Sector (PCR 8), the NTFS Boot Block (PCR 9), the Boot Manager (PCR 10), and the BitLocker Access Control (PCR 11). The descriptions of PCR settings for computers that use an Extensible Firmware Interface (EFI) are different than the PCR settings described for computers that use a standard BIOS. The BitLocker Drive Encryption Deployment Guide on Microsoft TechNet contains a complete list of PCR settings for both EFI and standard BIOS.

Warning: Changing from the default platform validation profile affects the security and manageability of your computer. BitLocker#39;s sensitivity to platform modifications (malicious or authorized) is increased or decreased depending upon inclusion or exclusion (respectively) of the PCRs.

Question No: 46 DRAG DROP – (Topic 1)

You have a computer that runs Windows 8.1, and three unused external disk drives.

You are creating a volume to store picture files. You have the following requirements:

->Use all three external disk drives.

->Ensure that the volume is accessible from a single drive letter.

->Maximize the available space.

You need to create the volume.

Which three actions should you perform in sequence? (To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.)

Ensurepass 2018 PDF and VCE

Answer:

Ensurepass 2018 PDF and VCE

Explanation:

Ensurepass 2018 PDF and VCE

Disk Management tool does not have a setting for disk resiliency.

In Storage Pool select quot;Simplequot; (no resiliency): A simple storage space writes one copy of your data, and doesn’t protect you from drive failures. A simple storage space requires at least one drive.

http://www.eightforums.com/tutorials/4203-storage-spaces-create-new-pool-storage- spacewindows-8-a.html

How Create a New Pool and Storage Space in Windows 8

To Create a New Pool and Storage Space

Ensurepass 2018 PDF and VCE

Ensurepass 2018 PDF and VCE

Ensurepass 2018 PDF and VCE

http://blogs.msdn.com/b/olivnie/archive/2013/02/05/windows-8-storage.aspx Windows 8: Storage

Storage Spaces

Storage Spaces is a new feature for Windows庐 8 that allows a user to combine several disks into a single pool of storage that provides for easier management of multiple disks and resiliency against hardware failure on any of those disks. The disks that you use for Storage Spaces can be a mix of different-sized disks, and these can be connected to Microsoft庐 Windows using both internal and external connections, making it easy to turn the collection of drives you already have into a safe and easy-to-manage place to store things like your home videos or photos.

The table below describes the different options for resiliency:

Ensurepass 2018 PDF and VCE

Question No: 47 – (Topic 1)

A company has client computers that run Windows 8.1.

The client computers are connected to a corporate private network.

Users are currently unable to connect from their home computers to their work computers by using Remote Desktop.

You need to ensure that users can remotely connect to their office computers by using Remote Desktop. Users must not be able to access any other corporate network resource from their home computers.

Which setting should you configure on the home computers?

  1. Virtual Private Network connection

  2. Remote Desktop local resources

  3. DirectAccess connection

  4. Remote Desktop Gateway IP address

Answer: A Explanation:

DirectAccess is for Windows Server 2008/2012/Win 7 Ultimate/Enterprise/Win 8 Enterprise only RD Gateway setup is only for servers

Create VPN through manage networks. File -gt; Allow incoming connections. Connect through internet and create VPN which will allow one computer at a time to view the hosts resources, and only the hosts resources unlike standard VPNs.

Question No: 48 DRAG DROP – (Topic 1)

A computer currently runs a 32-bit version of Windows 7 Ultimate.

You need to deploy a 64-bit version of Windows 8.1 to the computer. The new deployment must be the only version of Windows on the computer.

Which three actions should you perform in sequence? (To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.)

Ensurepass 2018 PDF and VCE

Answer:

Ensurepass 2018 PDF and VCE

Explanation:

Ensurepass 2018 PDF and VCE

http://pcsupport.about.com/od/windows-8/ss/windows-8-clean-install-part-1_9.htm How To Clean Install Windows 8 or 8.1 (Part 1 of 2)

Ensurepass 2018 PDF and VCE

Ensurepass 2018 PDF and VCE

Question No: 49 – (Topic 1)

A company has an Active Directory Domain Services (AD DS) domain. All client computers run

Windows 8.1 and are joined to the domain.

You have the following requirements:

->Ensure that files in shared network folders are available offline.

->Minimize all data access times.

->Reduce network bandwidth usage.

You need to configure Group Policy settings to meet the requirements. What should you do first?

  1. Enable the Enable file synchronization on costed networks policy setting.

  2. Enable and configure the Configure slow-link mode policy setting.

  3. Enable and configure the specify administratively assigned Offline Files policy setting.

  4. Enable the Synchronize all offline files when logging on policy setting.

Answer: B Explanation:

To enable the Always Offline mode, use Group Policy to enable the Configure slow-link mode policy setting and set the latency to 1 (millisecond). Doing so causes client computers running Windows 8.1 or Windows Server 2012 to automatically use the Always Offline mode.

Computers running Windows 7, Windows Vista, Windows Server 2008 R2, or Windows Server 2008 mightcontinue to transition to the Online mode if the latency of the network connection drops below one millisecond.

Specify administratively assigned Offline Files – This will not minimize data access times, nor reduce network bandwidth usage.

Ensurepass 2018 PDF and VCE

Question No: 50 – (Topic 1)

A company has an Active Directory Domain Services (AD DS) domain. All client computers run Windows 8.1 and are joined to the domain.

You have the following requirements:

->Ensure that files in shared network folders are available offline.

->Maximize efficiency for users who connect to shared network folders from a mobile device.

You need to configure Group Policy settings to meet the requirements. What should you do first?

  1. Enable and configure the Configure slow-link mode policy setting.

  2. Enable the Enable file synchronization on costed networks policy setting.

  3. Enable the Synchronize all offline files when logging on policy setting.

  4. Enable and configure the Specify administratively assigned Offline Files policy setting.

Answer: B Explanation:

Ensurepass 2018 PDF and VCE

Ensurepass 2018 PDF and VCE

http://technet.microsoft.com/en-us/library/jj127408.aspx Enable Background File Synchronization on Metered Networks

This document describes how to enable background file synchronization of Offline Files while using metered connections that have usage limits, and while roaming on another provider’s network.

Windows 8.1, Windows 8, Windows Server 2012 R2, and Windows Server 2012 support cost-aware synchronization by automatically tracking roaming and bandwidth usage limits while on metered connections. By default, when the user is using a metered connection (such as a 4G mobile network) and is near or over their bandwidth limit or roaming on another provider’s network, Windows switches to Offline mode and disables background

synchronization. Users can still manually initiate synchronization, and administrators can override cost-aware synchronization for specific users, such as executives.

100% Ensurepass Free Download!
Download Free Demo:70-687 Demo PDF
100% Ensurepass Free Guaranteed!
70-687 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

Your email address will not be published. Required fields are marked *