(DAILY QUESTIONS UPDATION) Using Braindump2go New Updated Microsoft 70-688 Practice Exam Questions – Getting Microsoft 70-688 Certification (111-125)

Braindump2go Updated Microsdoft 70-688 Practice Exam Dumps Today! All Latest 276 Questions and Answers are all from Micrsoft Exam Center – Many New Question added into 70-688 Exam! Free Download the latest Microsoft 70-688 sample Exam Questions from Braindump2go Now!

Vendor: Microsoft
Exam Code: 70-688
Exam Name: Supporting Windows 8.1


You have client computers that run Windows 7 Enterprise. All users have roaming user profiles. You deploy several client computers that run Windows 8 Enterprise. Users who sign in to both the Windows 8 Enterprise computers and the Windows 7 Enterprise computers report that they no longer see their desktop background and their theme.
You suspect that the user profiles are corrupt.
You need to resolve the profile corruption issue. What should you do?

A.    Move all of the user profiles to a file server that runs Windows Server 2012, and then modify
the profile path of each user account.

B.    on the Windows 7 computers, configure the Download roaming profiles on primary computers
only Group Policy setting.

C.    on the Windows 8 computers, configure the Set roaming profile path for all users logging onto
this computer Group Policy setting.

D.    For each user, set the msDs-PrimaryComputer attribute to use a Windows 8 computer.

Answer: C
If you try to deploy Windows 8.1 in an environment that uses roaming, mandatory, super-mandatory, or domain default profiles in Windows 7, you experience the following:
After you use a user account that has an existing Windows 7 profile to log on to a Windows 8.1-based computer for the first time, the components from Windows 8.1 read and modify the profile state.
Certain Windows 8.1 features may not work as expected because the expected profile state is not present.
When you try to use the same user account to log on to a Windows 7-based computer, the user profile modification that was performed in Windows 8.1 may not work as expected in Windows 7.
Roaming, mandatory, super-mandatory, and domain default user profiles that were created in one version of Windows must be kept isolated from those that were created in another version of Windows.
For more information about this issue in Windows 8, click the following article number to view the article in the Microsoft Knowledge Base:
2887239 Incompatibility between Windows 8 roaming user profiles and roaming profiles in other versions of Windows

You install the Microsoft Application Compatibility Toolkit (ACT) on a client computer named Computer1. Computer1 has the ACT Log Processing Service and Microsoft SQL Server 2012 Express installed.
You install the ACT on a client computer named Computer2. When Computer2 attempts to connect to a SQL Server database, you receive the following error message:
"The SQL Server you entered either does not exist or you do not have the required credentials for access."
You need to ensure that Computer2 can connect to the SQL Server database successfully. Which should you do on Computer1?

A.    Create firewall exceptions for TCP port 443 and UDP port 389.
B.    Add Computer2 to the local Administrators group.
C.    Add Computer1 to the local Administrators group.
D.    Create firewall exceptions for Sqlservr.exe and Sqlbrowser.exe.

Answer: A
Add a firewall exception for TCP port 1433 (SQL Server) and for UDP port 1434 (SQL Browser)

Your network contains an Active Directory domain named contoso.com. A user receives the following error message when attempting to sign in to a computer:
"The trust relationship between this workstation and the primary domain failed."
You need to ensure that the user can sign in to the computer by using a domain user account. Which tool should you use?

A.    Netcfg
B.    Netsh
C.    Netdom
D.    Netstat

Answer: C

Your network contains an Active Directory domain. All client computers run Windows 8 Enterprise. Your company uses virtual smart cards. A user named User1 requires a virtual smart card on a new client computer named Computer1.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

A.    Enroll User1 for a certificate.
B.    Run the Enable-BitLocker cmdlet.
C.    Run the tpmvscmgr.exe command.
D.    Enroll Computer1 for a certificate.

Answer: AC
A: Smart cards (virtual or otherwise) are based on digital certificates, which means you need a Public Key Infrastructure (PKI). A Windows Server 2012 certification authority (CA) has two default certificate templates that can be used for issuing smart card certificates. The Smartcard Logon template is appropriate when the card’s use will be for logging on only. If you want users to be able to use the certificate for encrypting email, use the Smartcard User template.
C: To create a Virtual Smart Card, use the Tpmvscmgr.exe command line utility.
Your network contains a wireless network access point that uses 802.IX certificate-based authentication.
You purchase several devices that run Windows RT.
You need to ensure that the Windows RT devices can authenticate to the wireless access point. What should you do first?

A.    Add a certificate to the Trusted Devices certificate store of the user.
B.    Add a certificate to the Trusted Root Certification Authorities certificate store of the computer.
C.    Add a certificate to the Trusted Root Certification Authorities certificate store of the user.
D.    Add a certificate to the Trusted Devices certificate store of the computer.

Answer: B

You support computers that run Windows 8 Enterprise and are members of a workgroup. Users are able to download and install any app from Windows Store.
You need to ensure that only approved apps can be installed from Windows Store.
What should you do?

A.    Configure a Software Restriction Policy Certificate rule.
B.    Enable Windows SmartScreen and select the Get administrator approval before running an
unrecognized app from the Internet option.

C.    Configure an AppLocker Packaged app rule.

D.    Configure an AppLocker Publisher rule.

Answer: C

You have 100 client computers that run Windows 8 Pro. Each computer has a single local hard disk drive, a DVD drive, and an external USB drive.
Each computer has a different set of line-of-business (LOB) desktop applications that are installed locally. All of the applications store their configurations in the HKEY_Local_Machine\Software registry hive.
You need to design a recovery solution to ensure that you can restore the initial state of the locally installed LOB desktop applications if an application is misconfigured.
The solution must preserve the existing locally stored user data.
What should you do?

A.    Enable File History. Restore files by using File History.
B.    Create a Microsoft Diagnostics and Recovery Toolset (DaRT) recovery image.
Start the computer from the DaRT image and perform a file restore.

C.    Run recimg.exe. Perform a system refresh.

D.    Create a system repair disk by using Windows 7 File Recovery.
Start the computer from the Windows 8 Enterprise installation media and perform an automatic repair,

Answer: C
Reinstalling all of your Desktop apps can be time consuming, so Windows 8 offers a command called recimg.exe to make this easier. recimg creates an image which is used by the refresh facility when restoring Windows. Not only will your personal data and Metro style apps be saved, but so will Desktop apps you have installed at the time you create the image. This can save you a lot of time.
http://gallery.technet.microsoft.com/Script-to-refresh-Windows-9aa30f2a http://technet.microsoft.com/en-us/windowsserver/hh475797.aspx

Your network contains an Active Directory domain and a subscription to Microsoft Office 365. Users discover that they must change their Active Directory password more frequently than their Office 365 password.
You need to ensure that the password policies for Office 365 and for Active Directory are the same.
What should you do?

A.    From the Office 365 portal, under Subscriptions, click Manage.
B.    From the Windows Azure Active Directory Module for Windows PowerShell, run Set- MsolUserPassword.
C.    From the Office 365 portal, under Management, click Users.
D.    From the Office 365 portal, under Management, click Domains.

Answer: C
In the Office 365 portal, click Admin > Users (under Management in the navigation pane). On the Users page, select a user, and then click Edit.
* Some of the options can be managed by using the Office365 Web interface and some task only by using PowerShell.
* Office 365 users Password management verses the "Standard" Domain Active directory is a little bit restricted. For example: configure password policy parameters such as – Enforce password history, Minimum password length, Password must meet complexity requirements cannot be configured by the office 365 administrator. At the current time, the options that related to Office 365 users Password management are: reset the user password and setting the number of maximum number of days or password expiration (the default is 90 days).
You have a client computer named Computer1 that runs Windows 8 Enterprise. Computer1 has a Trusted Platform Module (TPM) chip installed and the operating system volume is encrypted by using BitLocker Drive Encryption (BitLocker).
You plan to upgrade the BIOS of Computer1.
You need to recommend a solution that meets the following requirements:
– Ensures that the drive remains encrypted
– Avoids the need to perform a BitLocker recovery
– Ensures that Windows can start after the BIOS is upgraded
– Minimizes the time required to complete the BIOS upgrade
What should you include in the recommendation?

A.    From the command prompt, run manage-bde and specify the -protectors parameter and the – disable parameter.
B.    From the command prompt, run manage-bde and specify the -protectors parameter and the – delete parameter.
C.    From the Trusted Platform Module (TPM) Management console, click Turn TPM Off from the Actions menu.
D.    From the command prompt, run tpmvscmgr.exe and specify the destroy parameter.

Answer: A
* For mass BIOS updates, create a script that disables BitLocker, installs the update, reboots the system and then re-enables BitLocker.
* manage-bde -autounlock {-enable | -disable | -ClearAllKeys} Volume [-ComputerName Name] -disable
Disables automatic unlocking for a data drive.
* The Disable-BitLocker cmdlet disables BitLocker Drive Encryption for a BitLocker volume. When you run this cmdlet, it removes all key protectors and begins decrypting the content of the volume.

Your network contains an Active Directory domain. The domain contains client computers that run Windows 8 Enterprise. Users frequently use USB drives to store sensitive files that are used on multiple computers. Your corporate security policy states that all removable storage devices, such as USB data drives, must be encrypted.
You need to ensure that if a user forgets the password for a USB disk that is encrypted by using BitLocker To Go, the user can resolve the issue themself.
What should you do?

A.    Instruct the user to open BitLocker Drive Encryption, select Backup Recovery Key, and then select
Save to your Microsoft account.

B.    For each computer, create a USB startup key.

C.    Instruct the user to open BitLocker Drive Encryption, select Backup Recovery Key, and then select
Print the recovery key.

D.    From an elevated command prompt, run Manage-BDE-ForceRecovery.

Answer: C


Withhold startup key during startup – You can initiate recovery by not inserting the USB flash drive, which contains the startup key, when the computer starts up. When you do not provide the startup key, the pre-Windows recovery console displays a screen for entering a recovery password.

You administer computers that run Windows 8 Enterprise.
The computers are members of an Active Directory domain.
You have a tablet that runs Windows 8 Enterprise.
You configure the tablet to access your company network by using a virtual private network (VPN) connection.
You need to manage Active Directory from the tablet by using a VPN connection.
What should you do?

A.    Run the winrm.exe qc command.
B.    Install the System Center Configuration Manager (SCCM) 2012 client.
C.    Install the Remote Server Administration Tools (RSAT).
D.    Install the Windows Intune client.

Answer: C
Remote Server Administration Tools for Windows 8 includes Server Manager, Microsoft Management Console (MMC) snap-ins, consoles, Windows PowerShell cmdlets and providers, and command-line tools for managing roles and features that run on Windows Server 2012. In limited cases, the tools can be used to manage roles and features that are running on Windows Server 2008 R2 or Windows Server 2008.
Some of the tools work for managing roles and features on Windows Server 2003.

You support tablets that run Windows 8 Pro. You are designing a remote access server (RAS) that will be placed behind a firewall. The firewall will accept incoming TCP connections to ports 80 and 443 only. You want to connect to the RAS server from a tablet. You need to create a virtual private network (VPN) connection to the RAS server. Which VPN tunneling protocol should you use?

A.    IPSec/L2TP
B.    SSTP
C.    PPTP
D.    IPSec/IKEv2

Answer: B
Was a bit difficult to find information on Technet regarding SSTP but, the below explains it well and why it would be used here.
Secure Socket Tunneling Protocol
Secure Socket Tunneling Protocol (SSTP) is a form of VPN tunnel that provides a mechanism to transport PPP or L2TP traffic through an SSL 3.0 channel. SSL provides transport-level security with key-negotiation, encryption and traffic integrity checking. The use of SSL over TCP port 443 allows SSTP to pass through virtually all firewalls and proxy servers.

At home, you use a desktop computer that runs Windows 8.
At work, you use a laptop that runs Windows 8 and is connected to a corporate network.
You use the same Microsoft account to log on to both computers.
You have a folder with some personal documents on your desktop computer.
The folder must be available and synced between both computers.
You need to ensure that the latest version of these files is available.
What should you do?

A.    Move the folder to the Documents folder.
B.    Go to PC Settings.
Under Homegroup, select Documents to be Shared.

C.    Install SkyDrive for Windows.
In Windows Explorer, move the folder that contains the personal documents to the SkyDrive folder.

D.    Move the folder to the Libraries folder.

E.    Go to PC Settings.
Under Sync your settings, enable App settings.

F.    Right-click the folder and click Properties.
Under Security, provide Full Control for the Microsoft account.

Answer: C
Original answer was ‘A’ is the wrong answer. Windows 8 will not synchronize any of your files automatically, when they are in Documents folder.
The correct answer is C – SkyDrive is the only way to sync files between Windows 8 computers.

A portable computer that runs Windows 8 uses a mobile broadband connection for the corporate wireless network. The computer also has a wired corporate network connection. The computer successfully downloads Windows updates when connected to either network.
You need to ensure that the computer automatically downloads updates by using Windows Update only while connected to the wired corporate network connection.
What should you do?

A.    Set the corporate wireless network to metered.
B.    Set the corporate wireless network to non-metered.
C.    Configure the Specify intranet Microsoft update service location local Group Policy setting.
D.    Configure a Windows Firewall connection security rule.

Answer: A
You can also set particular networks as a metered connection, which will then disable Windows Update from downloading updates (except for critical security patches) and possibly disable or reduce data usage from other Microsoft and non-Microsoft applications as well.

Employees are permitted to bring personally owned portable computers that run Windows 8 to the office. They are permitted to install corporate applications by using the management infrastructure agent and access corporate email by using Windows Mail.
An employee’s personally owned portable computer is stolen.
You need to protect the corporate applications and email messages on the computer.
Which two actions should you perform? (Each correct answer presents part of the solution.
Choose two.)

A.    Prevent the computer from connecting to the corporate wireless network.
B.    Disconnect the computer from the management infrastructure.
C.    Change the user’s password.
D.    Initiate a remote wipe.

Answer: CD
D: A Remote Wipe is the process where a device is selected from a central Microsoft Exchange or management console and chosen to be wiped, for example if the device has been lost by the owner. The Remote Wipe command is then sent to the device via ActiveSync.
For a device such as a Windows Phone, all data is deleted, including email, contacts, calendar for all accounts and other data on the device such as documents and picture.
However, when ActiveSync Remote Wipe is performed against a Windows 8 or Windows RT device, the scope of the wipe is more limited. Only the email, contacts, and calendar for information stored in thebuiltin Mail applicationare deleted. Other data on the system is not deleted, including information from the Microsoft Office Outlook client.

Braindump2go promise you a 100% totally pass of 70-688 Exam! Believe us, trying to pass 70-688  Exam, we will return your Full Money Back if you cannot pass! We are confident in helping everyone pass any IT Exams one time! Download our latest updated 70-688 Exam Dumps now!




Comments are closed.