← Back to exam page

70-744 Securing Windows Server 2016

Loading demo links...

Showing 7–9 of 15 questions

Question 7

Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server5 that runs Windows Server 2016.

You need to configure Server5 as a Just Enough Administration (JEA) endpoint.

Which two actions should you perform? Each correct answer presents part of the solution.

Select all that apply, then click Submit answer.

  • Generate a random Globally Unique Identifier (GUID).

  • Create and export a Windows PowerShell session.

  • Create and register a session configuration file.

  • Deploy Microsoft Identity Manager (MIM) 2016.

  • Create a maintenance Role Capability file.
Question 8

Your network contains an Active Directory domain named contoso.com. The domain contains 1,000 client computers that run Windows 8.1 and 1,000 client computers that run Windows 10.

You deploy a Windows Server Update Services (WSUS) server. You create a computer group for each organizational unit (OU) that contains client computers. You configure all of the client computers to receive updates from WSUS.

You discover that all of the client computers appear in the Unassigned Computers computer group in the Update Services console.

You need to ensure that the client computers are added automatically to the computer group that corresponds to the location of the computer account in Active Directory.

Which two actions should you perform? Each correct answer presents part of the solution.

Select all that apply, then click Submit answer.

  • From Group Policy objects (GPOs), configure the Enable client-side targeting setting.

  • From the Update Services console, configure the Computers option.

  • From Active Directory Users and Computers, create a domain local distribution group for each WSUS computer group.

  • From Active Directory Users and Computers, modify the flags attribute of each OU.
Question 9

Your network contains an Active Directory domain.

You plan to implement Dynamic Access Control.

You need to create a central access rule that will grant permissions to users who have the Department attribute set to Finance. The users must have access to resources that have the Department property set to Finance.

Which two actions should you perform before you create the central access rule? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Select all that apply, then click Submit answer.

  • Enable a claim type

  • Create a central access policy

  • Create a resource property list

  • Enable a resource property

  • Create a claim type