Configuring Windows 8.1
Question No: 161 – (Topic 2)
A company has an Active Directory Domain Services (AD DS) domain. All client computers run Windows 8.1.
You need to ensure that only administrators can access removable storage devices on client computers.
Which two Group Policy settings should you configure? (Each correct answer presents part of the solution. Choose two.)
Enable the Prevent installation of removable devices policy.
Disable the Allow only USB root hub connected Enhanced Storage Features policy.
Create an AppLocker deny rule with a path condition of %HOT%.
Start the Application Identity service.
Enable the Allow administrators to override Device Installation Restriction policies policy.
Explanation: Prevent installation of all devices.
In this scenario, the administrator wants to prevent standard users from installing any device but allow administrators to install or update devices. To implement this scenario, you must configure two computer policies: one that prevents all users from installing devices (A) and a second policy to exempt administrators from the restrictions (E).
* A growing variety of external storage devices can be connected to personal computers and servers that are running the Windows operating system. Many users now expect to be able to install and use these devices in the office, at home, and in other locations. For
administrators, these devices pose potential security and manageability challenge.
The Group Policy settings discussed in this section can be used to limit, prevent, or enable these situations. The default value for these policy settings is Not configured.
These policy settings are located in the following locations under Computer Configuration\Administrative Templates\System:
/ (E) Device Installation\Device Installation Restrictions Device Redirection\Device Redirection Restrictions Driver Installation
Enhanced Storage Access Removable Storage Access
Reference: Threats and Countermeasures Guide: External Storage Devices
http://technet.microsoft.com/en-us/library/cc753539(v=ws.10).aspx Prevent Installation of Removable Devices
You can use this procedure to prevent installation of any removable device.
A device is considered removable when its device driver, or the device driver for the bus to which the device is attached, reports that it is a removable device.
If this policy is enabled, in addition to preventing installation of the affected devices, it also prevents users from updating the device drivers for already installed devices that match the policy.
http://technet.microsoft.com/en-us/library/cc753015(v=ws.10).aspx Allow Administrators to Override Device Installation Restriction Policies
You can use this procedure to ensure that the device installation restriction policies you apply to a computer do not affect members of the Administrators group.
By default, a device installation restriction policy affects all users of the computer, including members of the local Administrators group. By enabling this policy, you exempt administrators from the effects of the policy, and allow them to do the device installation
tasks they need to do.
Further Information: http://www.group-
Allow only USB root hub connected Enhanced Storage devices
If you disable or do not configure this policy setting, USB Enhanced Storage devices connected to both USB root hubs and non-root hubs will be allowed.
You can use AppLocker as part of your overall security strategy for the following scenarios:
Help prevent malicious software (malware) and unsupported applications from affecting computers in your environment.
Prevent users from installing and using unauthorized applications.
Implement application control policy to satisfy security policy or compliance requirements in your organization.
http://technet.microsoft.com/en-us/library/ee791779(v=ws.10).aspx Configure the Application Identity Service
The Application Identity service determines and verifies the identity of an application. Stopping this service will prevent AppLocker policies from being enforced.
Question No: 162 HOTSPOT – (Topic 2)
You administer Windows 8.1 computers in your company network. The security policies of the company require that USB storage devices are allowed only if they are protected with BitlockerTo Go.
You need to prevent users from removing Bitlocker encryption from the USB storage devices.
Which configuration setting should you modify? (To answer, select the appropriate setting in the answer area.)
http://technet.microsoft.com/en-us/library/jj679890.aspx BitLocker Group Policy Settings
Control use of BitLocker on removable drives
This policy setting is used to prevent users from turning BitLocker on or off on removable data drives.
Configure use of smart cards on fixed data drives
This policy setting is used to require, allow, or deny the use of smart cards with fixed data drives.
Deny write access to removable drives not protected by BitLocker
This policy setting is used to require that removable drives are encrypted prior to granting Write access, and to control whether BitLocker-protected removable drives that were configured in another organization can be opened with Write access.
Configure use of hardware-based encryption for removable data drives
This policy controls how BitLocker reacts to encrypted drives when they are used as removable data drives. Using hardware-based encryption can improve the performance of drive operations that involve frequent reading or writing of data to the drive.
Enforce drive encryption type on removable data drives
This policy controls whether fixed data drives utilize Full encryption or Used Space Only encryption. Setting this policy also causes the BitLocker Setup Wizard to skip the encryption options page, so no encryption selection displays to the user.
Allow access to BitLocker-protected removable data drives from earlier versions of Windows
This policy setting controls access to removable data drives that are using the BitLocker To Go Reader and whether the BitLocker To Go Reader can be installed on the drive.
Configure use of passwords on removable data drives
This policy setting is used to require, allow, or deny the use of passwords with removable data drives.
Choose how BitLocker-protected removable drives can be recovered
This policy setting is used to configure recovery methods for removable data drives.
Question No: 163 – (Topic 2)
A company has client computers that run Windows 8.1. File History is on.
An employee downloads data to a folder on drive D named Archives.
You need to ensure that the user can restore files from the Archives folder by using File History.
What should you do?
Create a library named History and add the Archives folder to the library.
Start the Windows Backup service.
Turn on the Volume Shadow Copy Service.
Start the Block Level Backup Engine service.
Answer: A Explanation:
http://blogs.msdn.com/b/b8/archive/2012/07/10/protecting-user-files-with-file-history.aspx What is File History?
File History is a backup application that continuously protects your personal files stored in Libraries, Desktop, Favorites, and Contacts folders. It periodically (by default every hour) scans the file system for changes and copies changed files to another location. Every time any of your personal files has changed, its copy will be stored on a dedicated, external storage device selected by you. Over time, File History builds a complete history of changes made to any personal file.
A New Way to Backup: File History in Windows 8
File History is a new feature in Windows 8 that helps to ensure that your personal files are safe. In addition to being a backup solution, File History also provides the capability to restore multiple backup copies (versions) of your files. File history in Windows 8 is easy to setup, powerful, and reliable. This means you can have more confidence when working with files, and also keep less redundant copies around for your own personal “data history”. You can easily configure File History to protect some or all of the files that are in your libraries on Windows 8. You can add folders to your libraries easily in Windows 8, giving you the ability to use File History with any group of folders and files that you choose.
Question No: 164 – (Topic 2)
You use many Windows Store apps on a computer that runs Windows 8.1. You are planning a performance audit on the computer.
You need to establish the volume of data upload from each app over a five-day period.
Which three actions should you perform? (Each correct answer presents part of the solution. Choose three.)
On the fifth day, review the upload statistics in Task Manger.
Configure Task Manager to save usage data to a file.
Configure Task Manager to record data upload from each Windows Store app.
On the first day, delete any existing application usage history
Open Task Manager and add the Uploads column.
Answer: A,D,E Explanation:
The Windows 8 Task Manager – Which Apps Use the Most Resources?
Before you get in to tweak settings, the app history tab will display five columns: Name – The name of the process or app.
CPU Time – Total amount of CPU time the selected app has taken up. Network – Total network utilization in MB for the selected app.
Metered Network – Total network utilization on a network that is marked as metered. Tile Updates – Amount of network usage for updating the chosen app’s live tile.
By default, the App History tab will only display usage for modern Windows 8 apps.
While the default view displays a pretty good picture of your data using apps, you can take it farther by adding more columns. Right-click or long-press an existing column header to view a list of available data points. You can deselect any of the existing columns to hide them, or select any of the following columns to add them to your view:
Non-Metered Network – Network usage on networks that aren’t marked as metered. Downloads – Amount of downloads done for the selected app.
Uploads – Amount of uploads done for the selected app.
How to Clear your App History Data
When viewing your app history data, it can be difficult to discern how quickly your apps are racking up network usage. You may see that Netflix has used gigs of data, but if that’s over
a long period that may not be so bad. However, if it’s only been a few minutes since data logging began, you’re in trouble.
If you want to clear your data and start counting again from zero, go ahead and click or tap quot;Delete usage history.quot;
All of your recorded history will be deleted and all columns will be zeroed out. With careful monitoring you can now see how quickly your heavy users chew up data.
Question No: 165 – (Topic 2)
You administer Windows 8.1 Pro computers in your company network. The computers are configured to allow remote connections. You attempt to create a Remote Desktop Connection to a computer named Computer1. You receive the following message: #39;#39;Remote Desktop can#39;t connect to the remote computer.quot;
You are able to ping Computer1. You discover that Remote Desktop Firewall rules are not present on Computer1.
You need to connect to Computer1 by using Remote Desktop. Which PowerShell commands should you run on Computer1?
New-NetFirewallRule -DisplayNameRdpTCPin -localPort 3389 -Protocol TCP
Set-NetFirewallRule -Name RemoteSvcAdmin-In-TCP -Enabled True
New-NetFirewallRule -DisplayNameRdpTCPout -localPort 3389 -Protocol TCP – Direction Out -Action Allow
Set-NetFirewallRule -Name RemoteFwAdmin-In-TCP -Enabled True
Explanation: http://technet.microsoft.com/en-us/library/jj554908.aspx New-NetFirewallRule
Creates a new inbound or outbound firewall rule and adds the rule to the target computer. Syntax
New-NetFirewallRule -DisplayName lt;Stringgt; [-Action lt;Actiongt; ] [-AsJob] [-Authentication
lt;Authenticationgt; ] [-CimSession lt;CimSessiongt; ] [-Description lt;Stringgt; ] [-Direction
lt;Directiongt; ] [-DynamicTarget lt;DynamicTransportgt; ] [-EdgeTraversalPolicy
lt;EdgeTraversalgt; ] [-Enabled lt;Enabledgt; ] [-Encryption lt;Encryptiongt; ] [-GPOSession
lt;Stringgt; ] [-Group lt;Stringgt; ] [-IcmpType lt;Stringgt; ] [-InterfaceAlias lt;WildcardPatterngt; ] [-InterfaceType lt;InterfaceTypegt; ] [-LocalAddress lt;Stringgt; ] [-LocalOnlyMapping
lt;Booleangt; ] [-LocalPort lt;Stringgt; ] [-LocalUser lt;Stringgt; ] [-LooseSourceMapping
lt;Booleangt; ] [-Name lt;Stringgt; ] [-OverrideBlockRules lt;Booleangt; ] [-Owner lt;Stringgt; ] [- Package lt;Stringgt; ] [-Platform lt;Stringgt; ] [-PolicyStore lt;Stringgt; ] [-Profile lt;Profilegt; ] [- Program lt;Stringgt; ] [-Protocol lt;Stringgt; ] [-RemoteAddress lt;Stringgt; ] [-RemoteMachine
lt;Stringgt; ] [-RemotePort lt;Stringgt; ] [-RemoteUser lt;Stringgt; ] [-Service lt;Stringgt; ] [- ThrottleLimit lt;Int32gt; ] [-Confirm] [-WhatIf] [ lt;CommonParametersgt;]
The New-NetFirewallRule cmdlet creates an inbound or outbound firewall rule and adds the
rule to the target computer.
http://en.wikipedia.org/wiki/Remote_Desktop_Protocol Remote Desktop Protocol
By default, the server listens on TCP port 3389 and UDP port 3389.
Question No: 166 – (Topic 2)
You administer Windows 8.1 Pro computers in your company network. A user reports that her computer experiences frequent STOP errors.
You need to repair the Windows 8.1 installation. Your solution must ensure that the user retains her current documents and settings.
What should you do?
Create a recovery drive.
Reinstall Windows 8.1. Restore the user#39;s personal files from a backup.
Run Reset your PC.
Run Refresh your PC.
Explanation: http://windows.microsoft.com/en-us/windows-8/restore-refresh-reset-pc How to refresh, reset, or restore your PC
If you#39;re having problems with your PC, you can try to refresh, reset, or restore it. Refreshing your PC reinstalls Windows and keeps your personal files and settings. It also keeps the apps that came with your PC and the apps you installed from the Windows Store. Resetting your PC reinstalls Windows but deletes your files, settings, and apps – except for the apps that came with your PC. Restoring your PC is a way to undo recent system changes you#39;ve made.
Question No: 167 – (Topic 2)
You administer Windows 8.1 client computers in your company network. The company has an Active Directory Domain Services (AD DS) domain. The network uses a DHCP server.
You want to assign a static dynamic host configuration protocol (DHCP) reservation for a client computer.
You need to identify the media access control (MAC) address of the client computer. Which command should you use?
ipconfig /allcompartments /all
Answer: C Explanation:
Displays all current TCP/IP network configuration values and refreshes Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) settings. Used without parameters, ipconfig displays Internet Protocol version 4 (IPv4) and IPv6 addresses, subnet mask, and default gateway for all adapters.
ipconfig [/allcompartments] [/all] [/renew [lt;Adaptergt;]] [/release [lt;Adaptergt;]] [/renew6[lt;Adaptergt;]] [/release6 [lt;Adaptergt;]] [/flushdns] [/displaydns] [/registerdns] [/showclassid lt;Adaptergt;] [/setclassid lt;Adaptergt; [lt;ClassIDgt;]]
Displays the full TCP/IP configuration for all adapters. Adapters can represent physical interfaces, such as installed network adapters, or logical interfaces, such as dial-up connections.
Displays the full TCP/IP configuration for all compartments.
Flushes and resets the contents of the DNS client resolver cache. During DNS troubleshooting, you can use this procedure to discard negative cache entries from the cache, as well as any other entries that have been added dynamically.
Renews DHCP configuration for all adapters (if an adapter is not specified) or for a specific adapter if the Adapter parameter is included. This parameter is available only on computers with adapters that are configured to obtain an IP address automatically. To specify an adapter name, type the adapter name that appears when you use ipconfig without parameters.
Question No: 168 – (Topic 2)
You are working with a virtual machine (VM) named NYC-DC1 on a Windows 8.1 computer.
The status of NYC-DC1 in Hyper-V Manager is shown in the following graphic.
You plan to create a snapshot of NYC-DC1. You select the VM in Hyper-V Manager. The Snapshot option is not available in the Actions pane or in the context menu.
You need to ensure that the Snapshot option is available. What should you do?
Resume the VM.
Specify a location in which Hyper-V Manager should save snapshot files.
Save the VM.
Connect to the VM.
Increase the Assigned Memory to at least 2048 MB.
Answer: A Explanation:
http://www.virtuatopia.com/index.php/Creating_and_Managing_Hyper-V_Snapshots Creating and Managing Hyper-V Snapshots
What is a Hyper-V Virtual Machine Snapshot?
yper-V virtual machine snapshots allow the status of a virtual machine (and the corresponding guest operating system) at a particular time to be saved such that it can be
reverted to that state at any point in the future. Hyper-V snapshots contain both the configuration settings of the virtual machine, and the state of the guest operating system at the point the snapshot is taken. Snapshots may be taken of virtual machines when they are running, stopped or saved. It is not possible, however, to take a snapshot of a paused Hyper-V virtual machine.
When a snapshot is taken of a saved or running virtual machine, the snapshot contains the status of both the file system and the memory used by the guest operating system. As such, when the virtual machine is reverted to the snapshot everything, including applications running at the time the snapshot was taken, will be restored to the snapshot status.
Virtual machines are reverted to a snapshot status by applying the desired snapshot to the virtual machine.
Question No: 169 – (Topic 2)
A company has 10 Windows 8.1 (64-bit) client computers.
You plan to create backup resources to allow the recovery of Windows 8.1 on any of the client computers.
You need to ensure that you can recover the computers from bootable media. What should you do?
Turn on File History.
Create a new pool and storage space.
Run the Remove everything and install Windows feature.
Run the bcdboot command.
Run the recdisc command.
Question No: 170 – (Topic 2)
Employees are permitted to bring personally owned portable computers that run Windows
8.1 to the office. They are permitted to install corporate applications by using the management infrastructure agent and access corporate email by using Windows Mail.
An employee#39;s personally owned portable computer is stolen.
You need to protect the corporate applications and email messages on the computer.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
Prevent the computer from connecting to the corporate wireless network.
Disconnect the computer from the management infrastructure.
Change the user#39;s password.
Initiate a remote wipe.
Win8: Security: Device wipe and device lock behavior across operating system versions and devices
Device wipe (also known as quot;remote wipequot;) is an Exchange ActiveSync (EAS) directive in which a user or administrator triggers a wipe of a device. Specifically, a user goes to Outlook Web App and then triggers the device wipe behavior, or a Microsoft Exchange administrator invokes device wipe.
Remote device wipe may be triggered when a standard user account uses OWA or when an administrator uses the Exchange administrator tools. The following screen shot shows the device wipe UI in Outlook Web App for a Windows Mobile phone. The UI is triggered by clicking the quot;device wipequot; button (highlighted in red).
The following table shows the behavior of a mail app when the app receives a device wipe directive from a server.
Doing an ActiveSync Remote Wipe of a Windows 8 or Windows RT Device
Q: If an ActiveSync Remote Wipe is initiated against a Windows 8 or Windows RT device via the built-in Mail application, what#39;s deleted?
A: A Remote Wipe is the process where a device is selected from a central Microsoft Exchange or management console and chosen to be wiped, for example if the device has been lost by the owner. The Remote Wipe command is then sent to the device via ActiveSync.
For a device such as a Windows Phone, all data is deleted, including email, contacts, calendar for all accounts and other data on the device such as documents and picture.
However, when ActiveSync Remote Wipe is performed against a Windows 8 or Windows RT device, the scope of the wipe is more limited. Only the email, contacts, and calendar for information stored in the built-in Mail applicationare deleted. Other data on the system is not deleted, including information from the Microsoft Office Outlook client.
|Lowest Price Guarantee||Yes||No||No|
|Free VCE Simulator||Yes||No||No|