What is the best way to pass the Microsoft 70-744 exam? (First: Exam practice test, Second: Lead4pass Microsoft expert.) You can get free Microsoft 70-744 exam practice test questions here.
Or choose https://www.leads4pass.com/70-744.html (224 Q&As). Study hard to pass the exam easily!
Microsoft MCSE 70-744 Exam Video
Table of Contents:
- Latest Microsoft MCSE 70-744 google drive
- Effective Microsoft 70-744 exam practice questions
- Related 70-744 Popular Exam resources
- Lead4Pass Year-round Discount Code
- What are the advantages of Lead4pass?
Latest Microsoft MCSE 70-744 google drive
[PDF] Free Microsoft MCSE 70-744 pdf dumps download from Google Drive: https://drive.google.com/open?id=1Jx2haiw2G8Vl2xgjukmxtIB5Xvw7K0L7
Exam 70-744: Securing Windows Server 2016 – Microsoft:https://www.microsoft.com/en-us/learning/exam-70-744.aspx
Skills measured: This exam measures your ability to accomplish the technical tasks listed below.
- Implement Server Hardening Solutions (25-30%)
- Secure a Virtualization Infrastructure (5-10%)
- Secure a Network Infrastructure (10-15%)
- Manage Privileged Identities (25-30%)
- Implement Threat Detection Solutions (15-20%)
- Implement Workload-Specific Security (5-10%)
Who should take this exam?
Candidates for this exam secure Windows Server 2016 environments. Candidates are familiar with the methods and technologies used to harden server environments and secure virtual machine infrastructures using Shielded and encryption-supported virtual machines and Guarded Fabric.
Candidates manage the protection of Active Directory and Identity infrastructures and manage privileged identities using Just in Time (JIT) and Just Enough Administration (JEA) approaches, as well as implement Privileged Access Workstations (PAWs) and secure servers using the Local Administrator Password Solution (LAPS).
Candidates should also be able to use threat detection solutions such as auditing access, implementing Advanced Threat Analytics (ATA), deploying Operations Management Suite (OMS) solutions, and identifying solutions for specific workloads.
Latest updates Microsoft 70-744 exam practice questions
QUESTION 1
Your network contains an Active Directory domain named contoso.com.
The domain contains a computer named Computer1 that runs Windows 10.
The network uses the 172.16.0.0/16 address space.
Computer1 has an application named App1.exe that is located in D:\\Apps\\.
App1.exe is configured to accept connections on TCP port 8080.
You need to ensure that App1.exe can accept connections only when Computer1 is connected to the corporate
network.
Solution: You configure an inbound rule that allows the TCP protocol on port 8080, uses a scope of 172.16.0.0/16 for
local IP addresses, and applies to a private profile.
Does this meet the goal?
A. Yes
B. No
Correct Answer: B
“You need to ensure that App1.exe can accept connections only when Computer1 is connected to thecorporate
network.”, you should create the firewall rule for”Domain” profile instead, not the “Private” profile.
https://technet.microsoft.com/en-us/library/getting-started-wfas-firewall-profiles-ipsec(v=ws.10).aspx
QUESTION 2
You are building a guarded fabric. You need to configure Admin-trusted attestation. Which cmdlet should you use?
A. Add-HgsAttestationHostGroup
B. Add-HgsAttestationTpmHost
C. Add-HgsAttestationCIPolicy
D. Add-HgsAttestationTpmPolicy
Correct Answer: A
Authorize Hyper-V hosts using Admin-trusted attestation https://docs.microsoft.com/en-us/windows-server/virtualization/guarded-fabric-shielded-vm/guarded-fabric-addhost-information-for-admin-trusted-attestation
QUESTION 3
Your network contains an Active Directory domain named contoso.com.
You deploy a server named Server1 that runs Windows Server 2016. Server1 is in a workgroup.
You need to collect the logs from Server1 by using Log Analytics in Microsoft Operations Management Suite (OMS).
What should you do first?
A. Join Server1 to the domain.
B. Create a Data Collector Set.
C. Install Microsoft Monitoring Agent on Server1.
D. Create an event subscription.
Correct Answer: C
https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-windows-agents You need to install and connect
Microsoft Monitoring Agent for all of the computers that you
You can install the OMS MMA on stand-alone computers, servers, and virtual machines.
QUESTION 4
You have a Hyper-V host named Hyperv1 that has a virtual machine named FS1. FS1 is a file server that contains
sensitive data.
You need to secure FS1 to meet the following requirements:
-Prevent console access to FS1.
-Prevent data from being extracted from the VHDX file of FS1.
Which two actions should you perform? Each correct answer presents part of the solution.
A. Enable BitLocker Drive Encryption (BitLocker) for all the volumes on FS1
B. Disable the virtualization extensions for FS1
C. Disable all the Hyper-V integration services for FS1
D. On Hyperv1, enable BitLocker Drive Encryption (BitLocker) for the drive that contains the VHDX file for FS1.
E. Enable shielding for FS1
Correct Answer: AE
-Prevent console access to FS1. -> Enable shielding for FS1-Prevent data from being extracted from the VHDX file of
FS1. -> Enable BitLocker Drive Encryption(BitLocker) for all the volumes on FS1
QUESTION 5
Your network contains two Active Directory forests named contoso.com and adatum.com.
Contoso.com contains a Hyper-V host named Server1. Server1 is a member of a group named HyperHosts.
Adatum.com contains a server named Server2. Server1 and Server2 run Windows Server 2016.
Contoso.com trusts adatum.com.
You plan to deploy shielded virtual machines to Server1 and to configure Admin-trusted attestation on Server2.
Which component should you install and which cmdlet should you run on Server2? To answer, select the appropriate
options in the answer area.
Hot Area:
Correct Answer:
QUESTION 6
You plan to deploy three encrypted virtual machines that use Secure Boot. The virtual machines will be configured as
shown in the following table.
How should you protect each virtual machine? To answer, select the appropriate options in the answer area.
Hot Area:
Correct Answer:
QUESTION 7
You plan to enable Credential Guard on four servers. Credential Guard secrets will be bound to the TPM.
The servers run Windows Server 2016 and are configured as shown in the following table.
You need to identify which server you must modify to support the planned implementation. Which server should you
identify?
A. Server1
B. Server2
C. Server3
D. Server4
Correct Answer: D
References: https://docs.microsoft.com/en-us/windows/access-protection/credential-guard/credential-guardrequirements
QUESTION 8
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Serve1,
that runs Windows Server 2016.
A technician is testing the deployment of Credential Guard on Server1.
You need to verify whether Credential Guard is enabled on Server1.
What should you do?
A. From a command prompt fun the credwiz.exe command.
B. From Task Manager, review the processes listed on the Details tab.
C. From Server Manager, click Local Server, and review the properties of Server!
D. From Windows PowerShell, run the Get-WsManCredSSP cmdlet.
Correct Answer: B
https://yungchou.wordpress.com/2016/10/10/credential-guard-made-easy-in-windows-10-version-1607/ The same as
before, once Credential Guard is properly configured, up and running.You should find in Task Manager the `Credential
Guard\\’ process and `lsaiso.exe\\’ listed in the Detailspage as below.
QUESTION 9
Note: Thb question Is part of a series of questions that present the same scenario. Each question In the series contains
a unique solution that might meet the stated goals. Some question sets might have more than one correct solution,
while others might not have a correct solution.
After you answer a question in this section, you willNOTbeabletorrturntoit.Asa result, these questions will not appear in
the review screen.
Your network contains an Active Directory domain named contoso.com. The domain contains multiple Hyper-V hosts.
You need to deploy several critical line-of-business applications to the network to meet the following requirements:
*The resources of the applications must be isolated from the physical host
*Each application must be prevented from accessing the resources of the other applications.
*The configurations of the applications must be accessible only from the operating system that hosts the application.
Solution: You deploy one Windows container to host all of the applications.
Does this meet the goal?
A. Yes
B. No
Correct Answer: B
References: https://docs.microsoft.com/en-us/virtualization/windowscontainers/about/
QUESTION 10
Your network contains an Active Directory domain named contoso.com.
You are deploying Microsoft Advanced Threat Analytics (ATA).
You create a user named User1.
You need to configure the user account of User1 as a Honeytoken account.
Which information must you use to configure the Honeytoken account?
A. the SAM account name of User1
B. the Globally Unique Identifier (GUID) of User1
C. the SID of User1
D. the UPN of User1
Correct Answer: C
https://docs.microsoft.com/en-us/advanced-threat-analytics/ata-prerequisitesA user account of a user who has no
network activities.This account is configured as the ATA Honeytoken user.To configure the Honeytoken user you need
the SID of the user account, not the username.
https://docs.microsoft.com/en-us/advanced-threat-analytics/install-ata-step7ATA also enables the configuration of a
Honeytoken user, which is used as a trap for malicious actors ?anyauthentication associated with this (normally
dormant) account will trigger an alert.
QUESTION 11
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might have more than one correct solution,
while
others might not have a correct solution.
After you answer a question in this sections, you will NOT be able to return to it. As a result, these questions will not
appear in the review screen.
Your network contain an Active Directory domain named contoso.com. The domain contains a computer named
Computer1 that runs Windows 10. Computer1 connects to a home network and a corporate network.
The corporate network uses the 172.16.0.0/24 address space internally.
Computer1 runs an application named App1 that listens to port 8080.
You need to prevent connections to App1 when Computer1 is connected to the home network.
Solution: From Group Policy Management, you create software restriction policy.
Does this meet the goal?
A. Yes
B. No
Correct Answer: B
References: https://technet.microsoft.com/en-us/library/hh831534(v=ws.11).aspx
QUESTION 12
You manage a guarded fabric in TPM-trusted attestation mode.
You plan to create a virtual machine template disk for shielded virtual machines.
You need to create the virtual machine disk that you will use to generate the template.
How should you configure the disk? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
References: https://docs.microsoft.com/en-us/windows-server/virtualization/guarded-fabric-shielded-vm/guarded-fabric-configuration-scenarios-for-shielded-vms-overview https://docs.microsoft.com/en-us/system-center/dpm/what-s-new-in-dpm-2016?view=sc-dpm-1801
QUESTION 13
Your network contains an Active Directory domain named contoso.com.
You are deploying Microsoft Advanced Threat Analytics (ATA) to the domain. You install the ATA Gateway on a server
named Server1.
To assist in detecting Pass-the-Hash attacks, you plan to configure ATA Gateway to collect events.
You need to configure the query filter for event subscriptions on Server1.
How should you configure the query filter? To answer, select the appropriate options in the answer are.
Hot Area:
Correct Answer:
https://docs.microsoft.com/en-us/advanced-threat-analytics/configure-event-collectionTo enhance detection capabilities,
ATA needs the following Windows events: 4776, 4732, 4733, 4728, 4729,4756, 4757.These can either be read
automatically by the ATA Lightweight Gateway or in case the ATA LightweightGateway is not deployed,it can be
forwarded to the ATA Gateway in one of two ways, by configuring the ATA Gateway to listen for SIEMevents or by
configuring Windows Event Forwarding.
Event ID: 4776 NTLM authentication is being used against domain controllerEvent ID: 4732 A User is Added to Security-
Enabled DOMAIN LOCAL Group,Event ID: 4733 A User is removed from Security-Enabled DOMAIN LOCAL
GroupEvent ID: 4728 A User is Added or Removed from Security-Enabled Global Group Event ID: 4729 A User is
Removed from Security-Enabled GLOBAL GroupEvent ID: 4756 A User is Added or Removed From Security-Enabled
Universal GroupEvent ID: 4757 A User is Removed From Security-Enabled Universal Group
Related 70-744 Popular Exam resources
Lead4Pass Year-round Discount Code
What are the advantages of Lead4pass?
Lead4pass employs the most authoritative exam specialists from Microsoft, Cisco, CompTIA, IBM, EMC, etc. We update exam data throughout the year. Highest pass rate! We have a large user base. We are the industry leader! Choose Lead4Pass to pass the exam with ease!
Summarize:
It’s not easy to pass the Microsoft 70-744 exam, but with accurate learning materials and proper practice, you can crack the exam with excellent results. Lead4pass provides you with the most relevant learning materials that you can use to help you prepare.