Free Microsoft 70-744 Exam Dumps Questions & Answers

Your network contains an Active Directory domain named contoso.com.
You plan to deploy an application named App1.exe.
You need to verify whether Control Flow Guard is enabled for App1.exe.
Which command should you run? To answer, select the appropriate options in the answer area.

Correct Answer:

Explanation

ttps://msdn.microsoft.com/en-us/library/windows/desktop/mt637065(v=vs.85).aspxControl Flow Guard (CFG) is a highly-optimized platform security feature that was created to combat memorycorruption vulnerabilities.
By placing tight restrictions on where an application can execute code from, it makes it much harder for exploitsto execute arbitrary code through vulnerabilitiessuch as buffer overflows.To verify if Control Flow Guard is enable for a certain application executable:-Run the dumpbin.exe tool (included in the Visual Studio
2015 installation) from the Visual Studio commandprompt with the /headers and /loadconfig options:
dumpbin.exe /headers /loadconfig test.exe.The output for a binary under CFG should show that the header values include "Guard", and that the loadconfig values include "CF Instrumented" and "FID tablepresent".1

You have a virtual machine named FS1 that runs Windows Server 2016.
FS1 has the shared folders shown in the following table.

You need to ensure that each user can store 10 GB of files in \\FS1\Users.
What should you do?

• A.  From File Explorer, open the properties of volume D, and then modify the Quota settings.
• B.  From File Explorer, open the properties of D:\Users, and then modify the Advanced sharing settings.
• C.  Install the File Server Resource Manager role service, and then create a file screen.
• D.  Install the File Server Resource Manager role service, and then create a quota.

Your network contains an Active Directory domain.
Microsoft Advanced Threat Analytics (ATA) is deployed to the domain.
A database administrator named DBA1 suspects that her user account was compromised.
Which three events can you identify by using ATA? Each correct answer presents a complete solution.

• A.  Domain computers into which DBA1 recently signed.
• B.  Spam messages received by DBA1.
• C.  Phishing attempts that targeted DBA1
• D.  Servers that DBA1 recently accessed.
• E.  The last time DBA1 experienced a failed logon attempt

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You deploy Windows Server 2016 to a server named Server1.
You need to ensure that you can run Windows Containers on Server1.
Solution: On Server1, you enable the Containers feature, and then you restart the server.
Does this meet the goal?

• A.  No
• B.  Yes

The Job Title attribute for a domain user named User1 has a value of Sales Manager.
User1 runs whoami /claims and receives the following output:

Kerberos support for Dynamic Access Control on this device has been disabled.
You need to ensure that the security token of User1 has a claim for Job Title. What should you do?

• A.  From Active Directory Users and Computers, modify the properties of the User1 account.
• B.  From Windows PowerShell, run the New-ADClaimTransformPolicy cmdlet and specify the -Name parameter
• C.  From Active Directory Administrative Center, add a claim type.
• D.  From a Group Policy object (GPO), configure KDC support for claims, compound authentication, and Kerberos armoring.