Need The newest 70-685 Exam Dumps? Why not try PassLeader’s 196q 70-685 vce dumps or 70-685 pdf dumps? Recntly, the 70-685 exam has been changed with a lot of new questions, old version 70-685 vce dumps or practice tests are not valid now, if you want to pass exam 70-685 easily, please download the latest update 196q 70-685 braindumps from PassLeader. Now visit passleader.com and you will get all the 70-685 study materials including free 70-685 study guide with valid 70-685 vce dumps and free vce player, which will help you passing 70-685 exam easily!
keywords: 70-685 exam,196q 70-685 exam dumps,196q 70-685 exam questions,70-685 pdf dumps,70-685 vce dumps,70-685 study guide,70-685 practice test,Pro: Windows 7, Enterprise Desktop Support Technician Exam
Several mobile users access the Internet by using cellular connections. The help desk reports a high volume of calls from mobile users who report the following connection problems:
– When their cellular connections fail, their VPN connections also fail.
– When their cellular connections are reestablished, they must manually connect to the VPN server.
You need to recommend a solution to ensure that the VPN connections are automatically reestablished. What should you recommend?
A. Implement an IKEv2 VPN.
B. Implement an SSTP-based VPN.
C. Configure credential roaming.
D. Configure a Kerberos user ticket lifetime.
Internet Key Exchange version 2 (IKEv2) support was added in Windows Server2008R2 and Windows7 to accommodate a new VPN type that supports VPN Reconnect. VPN Reconnect refers to the ability of a VPN connection to survive short interruptions in network connectivity, such as when you move from one wireless access point to another, or when you switch from a wired to a wireless network adapter. By taking advantage of features in IKEv2, even changes in IP address at the client do not drop the VPN connection or require any user actions. As soon as connectivity to the RRAS VPN server is restored, then the VPN tunnel is automatically reestablished.
The company implements a data recovery agent (DRA) for Bitlocker. A portable computer fails. The help desk reports that it is unable to use the DRA to recover the data from the computer’s hard disk drive. You need to ensure that the DRA can be used to recover data from the hard disk drives of all portable computers. Which tool should you use?
Five users from the main office travel to the branch office. The users bring their portable computers. The help desk reports that the users are unable to access any network resources from the branch office. Branch office users can access the network resources. You need to ensure that the main office users can access all network resources by using their portable computers in the branch office. The solution must adhere to the corporate security guidelines. What should you instruct the help desk to do on the portable computers?
A. Create a new VPN connection.
B. Add the users to the local Administrators group.
C. Add the users to the Network Configuration Operators group.
D. Configure the alternate configuration for the local area connection.
Users report that their DirectAccess connections fail. You instruct the help desk to tell the users to run the Connection to a Workplace Using DirectAccess troubleshooter. The help desk reports that the Connection to a Workplace Using DirectAccess troubleshooter fails to function. You need to ensure that the Connection to a Workplace Using DirectAccess troubleshooter functions properly. What should you do?
A. Instruct the help desk to enable IPv6 on the users’ computers.
B. Instruct the help desk to modify the users’ Windows Firewall settings.
C. Request that the domain administrator configure the Teredo State Group Policy setting.
D. Request that the domain administrator configure the Corporate Website Probe URL Group Policy setting.
Case Study 3 – A.Datum Corporation (QUESTION 55 – QUESTION 59)
You are an enterprise desktop support technician for A.Datum Corporation.
Active Directory Configuration
The company has three offices. The offices are configured as shown in the following table:
The network contains a single Active Directory domain named adatum.com. Two Group Policy objects (GPOs) are configured as shown in the following table:
The relevant servers in the main office are configured as shown in the following table:
A wireless network is implemented in the main office. The wireless network is configured to use WPA2-Enterprise security.
All client computers run Windows 7 Enterprise and are configured to use DHCP. Windows Firewall is disabled on all client computers. All computers in the research department have Windows XP Mode and Windows Virtual PC installed. You deploy a custom Windows XP Mode image to the research department computers. An application named App1 is installed in the image. Each research department computer has the following hardware:
– 4GB of RAM
– Intel Core i7 processor
– 500GB hard disk drive
Corporate Security Policy
The corporate security policy includes the following requirements:
– Users without domain accounts must be denied access to internal servers.
– All connections to the company’s wireless access points must be encrypted.
– Only employees can be configured to have user accounts in the Active Directory domain.
– The hard disk drives on all portable computers must be encrypted by using Windows BitLocker Drive Encryption (BitLocker).
Users in the research department report that they cannot run App1 or Windows XP Mode. You need to ensure that all research department users can run App1. You need to achieve this goal by using the minimum amount of administrative effort. What should you do?
A. Approve all Windows 7 updates on WSUS1.
B. Enable hardware virtualization on the research department computers.
C. Give each member of the research department a computer that has an Intel Core i5 processor.
D. Request that a domain administrator create a GPO that configures the Windows Remote Management (WinRM) settings.
Using Windows XP Mode, you can run programs that were designed for Windows XP on computers running: Windows7 Professional, Enterprise, or Ultimate editions. Requirements:
Download and install Windows Virtual PC
Download and install Wind0ws XP Mode
CPU with Intel-VT or AMD-V technology enabled in the BIOS – hardware virtualization
Users in branch office 1 report that they fail to access the company’s intranet Web site located on Web1. They also fail to access Web sites on the Internet. A desktop support technician restarts a desktop computer in branch office 1 and discovers the IP configuration shown in the following screenshot:
You need to resolve the network connectivity issue. What are two possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose two.)
A. Instruct branch office 1 users to disable IPv6.
B. Instruct branch office 1 users to run Ipconfig /Renew.
C. Request that a network administrator configure the DHCP router option for branch office 1.
D. Request that a network administrator verify DHCP broadcasts are being relayed to the main office.
Datum hires several consultants to work at the main office for six months. The consultants require Internet access. The help desk reports that the consultants cannot access the company’s wireless network. You need to ensure that the consultants have wireless access to the Internet. The solution must adhere to the corporate security policy. What should you request?
A. that a wireless access key be given to each consultant
B. that a user certificate be generated and imported to each consultant’s computer
C. that a computer certificate be generated and imported to each consultant’s computer
D. that a network administrator install a wireless access point that is connected directly to the Internet
Because of the “users without domain accounts” policy.
The motherboard on a portable computer fails. The data on the computer’s hard disk drive cannot be recovered. You need to recommend a solution to ensure that the data on hard disks can be recovered if the motherboard on other portable computers fail Which two configurations should you recommend? (Each correct answer presents part of the solution. Choose two.)
A. Disable BitLocker on all portable computers.
B. Convert the hard disks on all portable computers to dynamic disks.
C. Export and securely store the computer certificates on all portable computers.
D. Configure the BitLocker settings on all portable computers by using Group Policy.
The help desk reports that several client computers in branch office 1 are missing security updates. You need to identify which security updates are missing. What should you request?
A. that a WSUS administrator generate a Computer Report from WSUS1
B. that a domain administrator run the Microsoft Baseline Security Analyzer (MBSA)
C. that a desktop support technician run a Windows Defender scan on each computer
D. that a desktop support technician generate a System Configuration report for each computer
Microsoft Baseline Security Analyzer (MBSA): to detect common security miss-configurations and missing security updates on your computer systems.
Case Study 4 – Margie’s Travel (QUESTION 60 – QUESTION 64)
You are an enterprise desktop support technician for Margie’s Travel. Margie’s Travel is a company that specializes in booking travel for large corporations. The company has a main office in New York and operates a call center in New York and a call center in Los Angeles. The company has 1,000 employees.
Active Directory Configuration
The network contains an Active Directory forest named margiestravel.com. The functional level of the forest is Windows Server 2008 R2. The Active Directory sites are configured as shown in the following table:
All sites connect to each other by using high-speed WAN links.
The relevant servers are configured as shown in the following table:
The relevant security settings for the domain are configured as shown in the following table:
The relevant network policies on the NPS servers and the RRAS servers are configured as shown in the following table:
All client computers run Windows 7 Professional. Sales staff is located in the main office and uses portable computers. All portable computers are members of the MargiesTravel\Wireless group.
Call center staff uses a custom application to book airline tickets. The application is packaged as an MSI file and is signed by using a code signing certificate that was issued by CA3. The application is published by using Group Policies.
The company hires an additional 100 users. The users are unable to install the custom application. You need to ensure that the users can install the custom application. What should you do?
A. Disable User Account Control (UAC).
B. Add the users to the local Administrators group.
C. Request that the application package be re-signed.
D. Request that the user certificates be issued to the new users.
You deploy Microsoft Office 2007 to a pilot group in the main office. Users in the pilot group report that all of the Office 2007 applications run successfully. You deploy Office 2007 to users in the New York call center. The call center users report that they are unable to launch the Office 2007 applications. You need to ensure that the call center users can run all of the Office 2007 applications. What should you do?
A. Modify the AppLocker rule.
B. Disable User Account Control (UAC).
C. Deploy the 2007 Office system Administrative Template files.
D. Configure the Office 2007 applications to run in Windows Vista compatibility mode.
At 08:00 on a Tuesday morning, an administrator in Site 3 takes DC3 offline to update the server. Users in Site 3 report that they cannot log on to their computers. The users receive the following error message:
“Your account has time restrictions that prevent you from logging on at this time. Please try again later.”
You need to ensure that all users can log on to their computers when DC3 is offline for maintenance. Your solution must adhere to the corporate security policies. What should you do?
A. Modify the logon hours for all users in Site 3.
B. Change the time zone settings for all client computers in Site 3 to UTC-05:00.
C. Request that a second domain controller be deployed in Site 3.
D. Request that the time zone settings for DC1 and DC2 be changed to UTC-08:00.
You have two external consultants. The consultants use their own personal portable computers. The consultants report that they are unable to connect to your wireless network. You need to give the consultants wireless access to the Internet. The solution must prevent external consultants from accessing internal resources. What should you do?
A. Issue a user certificate to the consultants.
B. Issue a computer certificate to the consultants.
C. Join both portable computers to the domain. Add the computer accounts to the MargiesTravel\Wireless group.
D. Create a domain user account for each consultant. Add the user accounts to the MargiesTravel\Wireless group.
Users access a third-party Web site. The Web site is updated to use Microsoft Silverlight. After the update, the help desk receives a high volume of phone calls from users who report that the Web site fails to function. You need to ensure that the Web site functions properly for the users. What should you do?
A. Modify the Windows Internet Explorer AJAX settings by using a Group Policy object (GPO).
B. Modify the Windows Internet Explorer add-ons settings by using a Group Policy object(GPO).
C. Add the Web site to the Windows Internet Explorer Compatibility View list by using a Group Policy object (GPO).
D. Add the Web site to the Windows Internet Explorer Restricted sites by using a Group Policy object (GPO).
Case Study 5 – Alpine Ski House (QUESTION 65 – QUESTION 69)
You are an enterprise desktop support technician for Alpine Ski House. Alpine Ski House manages chalets in ski resorts around the world. The main office is located in Vancouver. Chalets are located in Japan, France, and Australia. Alpine Ski House has 500 employees.
Active Directory Configuration
The network contains an Active Directory forest. The forest contains a domain named alpineskihouse.com. The network contains four Active Directory sites. All sites have high-speed Internet connections and connect to each other by using VPNs. The site information is shown in the following table.
All servers run Windows Server 2008 R2. The relevant servers are configured as shown in the following table:
The DHCP servers are configured as shown in the following table:
All corporate computers run Windows 7 Professional and are joined to the alpineskihouse.com domain. All corporate users can access the internal network remotely by using a VPN connection. The VPN connection requires the use of a smart card. During the next year, Alpine Ski House plans to replace the existing VPN with DirectAccess. The company is running a pilot project to test DirectAccess for users in France. Each chalet contains five public computers that run Windows 7 Ultimate. Guests use the public computers to access the Internet. The public computers are members of a workgroup. Every week, a standard image of Windows 7 Ultimate is re-applied to the computers.
The help desk reports that remote desktop connections are not enabled on the public computers in the chalets. Consequently, the help desk must instruct local staff to enable remote desktop connections on each public computer. You need to ensure that remote desktop connections are enabled when public computers are deployed in the chalets. What should you do?
A. Enable Remote Desktop Connection in the standard computer image.
B. Instruct the help desk to enable Windows Remote Management (WinRM) on the public computers.
C. Request that a network administrator create a logon script for the domain.
D. Request that a network administrator create a new Group Policy to enable remote desktop connections. Link the new Group Policy to each site.
The VPN connection between Site 1 and Site 3 fails. Users in Site 3 report that their computers take a long time to start and that they are unable to access the Internet. You need to ensure that users in Site 3 are able to access the Internet if the VPN connection between Site 1 and Site 3 fails. What should you request an administrator to do?
A. Add the DHCP server role to DC3.
B. Add the DNS server role to Server3.
C. Modify the 003 Router option in the DHCP scope on Server3.
D. Modify the 006 DNS Servers option in the DHCP scope on Server3.
003 Router option – configured at the scope level
006 DNS Servers option ¬server-level options and apply to all clients served by this DHCP server
The answer is D.
The PC can’t get internet access because the DNS servers are at site 1.
DC3 already has the DNS service on it, you just need to change the DNS settings in DHCP.
003 Router option is for changing gateways.
Remote users report that after they renew their smart card certificates, they are unable to log on to their computers by using their smart cards. You need to ensure that users can log on by using their smart cards. What should you instruct the users to do?
A. Change their smart card PINs.
B. Request a new smart card certificate.
C. Log on by using their user names and passwords, and then lock and unlock their computers.
D. Establish a VPN connection from the logon screen and use their smart cards for authentication.
Users report that it takes a long time to access resources by using DirectAccess. You need to provide the network administrator with a network capture of DirectAccess traffic. Which tool should you use?
Your users access a third-party Web site to fulfill purchase orders. The Web site is updated. Users receive the following error message when they access the updated Web site:
“Internet Explorer has blocked this site from using an ActiveX control in an unsafe manner. As a result, this page may not display correctly.”
You need to ensure that users can access the Web site and that the Web site content is displayed correctly. What should you do?
A. Modify the Internet Explorer AJAX settings.
B. Modify the Internet Explorer Internet zone settings.
C. Add the Web site to the Internet Explorer Restricted Sites zone.
D. Add the Web site to the Internet Explorer Compatibility View List.
Case Study 6 – Fabrikam, Inc. (QUESTION 70 – QUESTION 73)
You are an enterprise desktop support technician for Fabrikam, Inc.
Active Directory Information
The company has a main office and a branch office. The main office hosts all of the company’s servers. The main office connects to the branch office by using a WAN link. The network contains a single Active Directory domain that has 500 users. The domain contains three domain controllers and an enterprise root certification authority (CA).
All servers run Windows Server 2008 R2. All user accounts are in an organizational unit (OU) named Employees. The computer accounts for all desktop computers are in an OU named Desktops. The computer accounts for all portable computers are in an OU named Laptops. A startup script is deployed to all computers by using Group Policy objects (GPOs).
All client computers run Windows 7 Enterprise. All users have desktop computers. All computers are members of the domain. All desktop computers use wired connections to connect to the network. All portable computers use wireless connections to connect to the network. The wireless network is secured by using EAP-TLS.
Company policy states that all client computers must be configured by using DHCP. The company has an internal Web site. The Web site is configured to use SSL encryption and to require client certificates. All company users can access the internal Web site.
The company hires a new desktop support technician. The technician is added to the Administrators group on all client computers and the DHCP Users group on all DHCP servers. The new technician reports that the DHCP snap-in is unavailable on his computer. You need to ensure that the technician can view the configurations of the DHCP servers. What should you do?
A. Instruct the technician to customize the Start menu to display the administrative tools.
B. Instruct the technician to install Remote Server Administration Tools (RSAT) and to modify the Windows Features.
C. Request that the technician be added to the Server Operators group in Active Directory.
D. Request that the technician be added to the Network Configuration Operators group in Active Directory and modify the Windows Features.