070-744 무료 덤프문제 온라인 액세스

Your network contains two Active Directory forests named corp.contoso.com and priv.contoso.com. Both forests have only a single domain. The priv.contoso.com domain contains a server named Server1 that runs Windows Server 2016.
You install Microsoft Identity Manager (MIM) 2016 on Server1.
You plan to deploy MIM-based Privileged Access Management (PAM) between the two forests.
You run New-PAMTrust in the priv.contoso.com domain.
You need to configure the trust relationship between the forests to support the PAM deployment.
Which three settings should you configure for the trust? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

• A.quarantine to no
• B.enablepimtrust to yes
• C.transitive to no
• D.enablesidhistory to yes
• E.foresttransitive to no

The network contains an Active Directory domain named contoso.com. The domain contains the servers configured as shown in the following table.

All servers run Windows Server 2016. All client computers run Windows 10 and are domain members.
All laptops are protected by using BitLocker Drive Encryption (BitLocker).
You have an organizational unit (OU) named OU1 that contains the computer accounts of application servers.
An OU named OU2 contains the computer accounts of the computers in the marketing department.
A Group Policy object (GPO) named GP1 is linked to OU1.
A GPO named GP2 is linked to OU2.
All computers receive updates from Server1.
You create an update rule named Update1.
You enable deep script block logging for Windows PowerShell.
In which event log will PowerShell code that is generated dynamically appear?

• A.Windows Logs/Security
• B.Windows Logs/Application
• C.Applications and Services Logs/Windows PowerShell
• D.Applications and Services Logs/Microsoft/Windows/PowerShell/Operational

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this sections, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2016.
You need to prevent NTLM authentication on Server1.
Solution: From a Group Policy, you configure the Kerberos Policy.
Does this meet the goal?

• A.No
• B.Yes

Note: This question is part of a series of questions that use the same or similar answer choices. An answer choice may be correct for more than one question in the series. Each question Is independent of the other questions in this series. Information and details provided in a question apply only to that question.
Your network contains an Active Directory domain named contoso.com The domain contains a file server named Server1 that runs Windows Server 2016.
You need to create Work Folders on Server1.
Which tool should you use?

• A.Storage Explorer
• B.Disk Management
• C.System Configuration
• D.Computer Management
• E.Shared Folders
• F.Server Manager
• G.File Explorer
• H.File Server Resource Manager (FSRM)

You have a server named Server1 that runs Windows Server 2016.
You need to identify the default action for the inbound traffic when Server1 connects to the domain.
Which cmdlet should you use?

• A.Get-NetFirewallApplicationFilter
• B.Get-NetFirewallAddressFilter
• C.Get-NetIPSecRule
• D.Get-NetFirewallPortFilter
• E.Get-NetFirewallRule
• F.Get-NetFirewallProfile
• G.Get-NetFirewallSetting