NEW QUESTION NO: 40
You have a Microsoft Intune subscription.
You have three security groups named Security1, Security2 and Security3. Security1 is the parent group of Security2. Security2 has 100 users.
You need to change the parent group of Security2 to be Security3.
What should you do first?
A. Edit the properties of Security1.
B. Edit the properties of Security2.
C. Delete security2.
D. Remove all users from Security2.
Answer: C
Explanation/Reference:
Explanation:
You cannot change the parent group of a security group in Microsoft Intune. You can only delete the group and recreate another group with the correct parent.
Deleting a group does not delete the users that belong to that group. Therefore, you do not need to remove the users from the group; you can just delete the group and recreate it.
References:
https://technet.microsoft.com/en-gb/library/dn646990.aspx

NEW QUESTION NO: 41
DRAG DROP
You are a desktop support technician for your company. You support more than 100 Windows 8 and Windows 10 Enterprise desktop computers.
You are preparing an installation image of a Windows 10 Enterprise computer by using the Deployment and Imaging Tools Environment command prompt on your own computer. The image includes a customized instance of the Windows Recovery Environment (Windows RE).
You need to extract and mount the Windows RE image.
Which three actions should you perform in sequence? To answer, move the appropriate three actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:

Answer: 


NEW QUESTION NO: 42
You are the desktop administrator for a small company.
The company modifies its policy for retaining company financial documents from six months to three years.
You currently use File History, retaining files for six months and saving copies of files every 20 minutes.
You need to adjust your current backup solution to accommodate the policy change.
What should you do?
A. Set the Keep Saved Versions option in File History to Forever.
B. Set the backup solution to Recovery model.
C. Set the Save Copies of Files frequency to Daily.
D. Set the File History log file setting to Archive the log when full, do not overwrite events.
Answer: A
Explanation/Reference:
Explanation:
You can select one, two years or forever; there is no option for three years. Therefore, the only option is to keep the files forever.

NEW QUESTION NO: 43
You support Windows 10 Enterprise computers. Your company protects all laptops by using the BitLocker Network Unlock feature.
Some employees work from home.
You need to ensure that employees can log on to their laptops when they work from home.
What should you do?
A. Have users run the Manage-bde.exe -unlock command before they disconnect from the company network.
B. Ensure that the Trusted Platform Module (TPM) chips in the laptops are version 1.2 or greater.
C. Enable BitLocker To Go.
D. Provide employees with their BitLocker PINs.
Answer: D
Explanation/Reference:
Explanation:

NEW QUESTION NO: 44
HOTSPOT
You manage a Microsoft Azure RemoteApp deployment. The deployment consists of a cloud collection named CloudCollection1 and a hybrid collection named HybridCollection1. Both collections reside in a subscription named Subscription1. Subscription1 contains two Active Directory instances named AzureAD1 and AzureAD2. AzureAD1 is the associated directory of Subcsription1.
AzureAD1 is synchronized to an on-premises Active Directory forest named constoso.com. Passwords are synchronized between AzureAD1 and the on-premises Active Directory.
You have the following user accounts:

You need to identify to which collections each user can be assigned access.
What should you identify? To answer, select the appropriate options in the answer area.
Hot Area:

Answer: 

Explanation/Reference:
Explanation:
A Microsoft account can only access a cloud collection.
An Azure Active Directory (Azure AD) account can access a cloud collection and it can access a hybrid collection if directory synchronization with password sync is deployed.
An on-premise domain account that does not exist in any Azure Active Directory cannot access Azure cloud resources.
References:
https://azure.microsoft.com/en-gb/documentation/articles/remoteapp-collections/

NEW QUESTION NO: 45
A company has an Active Directory Domain Services (AD DS) domain. All client computers run Windows
10 Enterprise. Some computers have a Trusted Platform Module (TPM) chip.
You need to configure a single Group Policy object (GPO) that will allow Windows BitLocker Drive Encryption on all client computers.
Which two actions should you perform? Each correct answer presents part of the solution.
A. Enable the Require additional authentication at startup policy setting.
B. Enable the Enforce drive encryption type on operating system drives policy setting.
C. Enable the option to allow BitLocker without a compatible TPM.
D. Configure the TPM validation profile to enable Platform Configuration Register indices (PCRs) 0, 2, 4, and 11.
Answer: A,C
Explanation/Reference:
Explanation:
We need to allow Windows BitLocker Drive Encryption on all client computers (including client computers that do not have Trusted Platform Module (TPM) chip).
We can do this by enabling the option to allow BitLocker without a compatible TPM in the group policy. The
'Allow BitLocker without a compatible TPM' option is a checkbox in the 'Require additional authentication at startup' group policy setting. To access the 'Allow BitLocker without a compatible TPM' checkbox, you need to first select Enabled on the 'Require additional authentication at startup' policy setting.
References:
http://www.howtogeek.com/howto/6229/how-to-use-bitlocker-on-drives-without-tpm/

NEW QUESTION NO: 46
You have a standalone Windows 10 Enterprise computer that has a single hard drive installed and configured.
You need to identify which storage devices can have content backed up by using File History.
What should you identify?
A. A writable Blu-ray disc
B. A writable DVD disc
C. An internal drive that is formatted NTFS
D. An SD card that is formatted FAT32
Answer: D
Explanation/Reference:
Explanation:
References: http://www.laptopmag.com/articles/back-files-file-history-windows-10

NEW QUESTION NO: 47
You have a computer that runs Windows 10.
You install a second hard disk drive on the computer and you create a new volume named E.
You need to enable system protection for volume E.
What should you use?
A. the Wbadmin command
B. the Settings app
C. System Properties
D. the Set-Volume cmdlet
Answer: C
Explanation/Reference:
Explanation:

NEW QUESTION NO: 48
HOTSPOT
You are setting up a Windows 10 Enterprise computer.
The computer's network connections are shown in the Network connections exhibit. (Click the Exhibit button.)

The computer's network settings are shown in the Network Settings exhibit. (Click the Exhibit button.)

Advanced TCP/IP settings are shown in the Advanced TCP/IP Settings exhibit. (Click the Exhibit button.)

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

Answer: 

Explanation/Reference:
Explanation:
The computer has a physical network adapter.

When you enable Hyper-V on a computer, a virtual network adapter connected to a virtual switch is added.

Therefore, the computer is a Hyper-V host.
The computer has an IP address. The text in the image below shows that the network connection is not DHCP enabled. Therefore, this is a static IP address.

The computer is a Hyper-V host, not a Hyper-V virtual machine.

NEW QUESTION NO: 49
Note: This question is part of a series of questions that use the same or similar answer choices. An answer choice may be correct for more than one question in the series. Each question is independent of the other questions in this series. Information and details provided in a question apply only to that question.
You have five computers that runs Windows 10. Each computer is used by a different user. All of the computers are members of the same workgroup.
You need to ensure that all of the users can access the files located in one another's libraries. Access must be granted based on a shared password.
What should you configure?
A. share permissions
B. account policies
C. HomeGroup settings
D. application control policies
E. NTFS permissions
F. Microsoft OneDrive
G. Encrypting File System (EFS) settings
H. software restriction policies
Answer: C
Explanation/Reference:
Explanation:
https://support.microsoft.com/en-za/help/17145/windows-homegroup-from-start-to-finish

NEW QUESTION NO: 50
You have an unsecured wireless network for users to connect to from their personal Windows 10 devices.
You need to prevent Wi-Fi Sense from sharing information about the unsecured wireless network.
What should you do?
A. Configure the SSIF of the unsecured wireless to contain_optout.
B. Instruct the users to disable Internet Protocol Version 6 (TCP/IPv6) on their wireless network adapters.
C. Configure the SSID of the guest wireless to be hidden.
D. Instruct the users to turn off Network Discovery on their devices.
Answer: A
Explanation/Reference:
Explanation:
References: http://www.pcworld.com/article/2951824/windows/how-to-disable-windows-10s-wi-fi-sense- password-sharing.html
https://www.newpassleader.com/Microsoft/70-697-exam-preparation-materials.html