Question 6 of 205

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this sections, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your network contain an Active Directory domain named contoso.com. The domain contains a computer named Computer1 that runs Windows 10. Computer1 connects to a home network and a corporate network.

The corporate network uses the 172.16.0.0/24 address space internally.

Computer1 runs an application named App1 that listens to port 8080.

You need to prevent connections to App1 when Computer1 is connected to the home network.

Solution: From Windows Firewall in the Control Panel, you add an application and allow the application to communicate through the firewall on a Private network.

Does this meet the goal?

    Correct Answer: B

    To meet the goal of preventing connections to App1 when Computer1 is connected to the home network, you would need to create a rule that blocks the application on the home network. Allowing the application to communicate through the firewall on a Private network will not achieve this goal, as the home network is typically categorized as a Private network. Thus, the solution proposed does not meet the stated goal.

Question 7 of 205

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this sections, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2016. All client computers run Windows 10.

The relevant objects in the domain are configured as shown in the following table.

You need to assign User1 the right to restore files and folders on Server1 and Server2.

Solution: You create a Group Policy object (GPO), you link the GPO to the Servers OU, and then you modify the Users Rights Assignment in the GPO.

Does this meet the goal?

    Correct Answer: A

    To assign User1 the right to restore files and folders on Server1 and Server2, creating a Group Policy Object (GPO), linking it to the Servers OU, and modifying the User Rights Assignment in the GPO is an effective solution. By linking the GPO to the Servers OU, it ensures that the policy settings apply to Server1 and Server2. Modifying the 'Restore files and directories' setting in the User Rights Assignment and granting this right to User1 will fulfill the requirement. Therefore, the correct answer is Yes.

Question 8 of 205

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this sections, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2016. All client computers run Windows 10.

The relevant objects in the domain are configured as shown in the following table.

You need to assign User1 the right to restore files and folders on Server1 and Server2.

Solution: You add User1 to the Backup Operators group in contoso.com.

Does this meet the goal?

    Correct Answer: B

    Adding User1 to the Backup Operators group in contoso.com would give User1 rights to backup and restore files on domain controllers but not necessarily on the member servers like Server1 and Server2, unless those servers are domain controllers themselves. To grant User1 the right to restore files and folders specifically on Server1 and Server2, User1 should be added to the Backup Operators group on those specific servers. Therefore, this solution does not meet the goal.

Question 9 of 205

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this sections, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2016. All client computers run Windows 10.

The relevant objects in the domain are configured as shown in the following table.

You need to assign User1 the right to restore files and folders on Server1 and Server2.

Solution: You create a Group Policy object (GPO), link it to the Operations Users OU, and modify the Users Rights Assignment in the GPO.

Does this meet the goal?

    Correct Answer: B

    To assign User1 the right to restore files and folders on Server1 and Server2, the correct approach is to create a Group Policy object (GPO) and link it to the organizational unit (OU) that contains the computer accounts of Server1 and Server2. In this case, both server computer accounts are in the 'Servers' OU. Linking the GPO to the 'Operations Users' OU, which contains user accounts, will not apply the needed permissions to the servers. Therefore, the solution of creating a GPO and linking it to the 'Operations Users' OU does not meet the goal.

Question 10 of 205

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this sections, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your network contains an Active Directory domain named contoso.com. The domain contains multiple Hyper-V hosts.

You need to deploy several critical line-of-business applications to the network to meet the following requirements:

✑ The resources of the applications must be isolated from the physical host.

✑ Each application must be prevented from accessing the resources of the other applications.

✑ The configurations of the applications must be accessible only from the operating system that hosts the application.

Solution: You deploy a separate Windows container for each application.

Does this meet the goal?

    Correct Answer: B

    Deploying a separate Windows container for each application does not fully meet the goal of isolating the resources of the applications from the physical host. Windows containers share the same kernel with the host operating system, which means there is no complete isolation from the physical host. Additionally, while containers provide some level of isolation between applications, they do not provide the hardware-level isolation required to prevent one application from accessing the resources of another application effectively. To achieve the required isolation, Hyper-V containers should be used instead, as they provide both the security of running each container in a lightweight virtual machine and ensuring that the resources of the applications are fully isolated from the physical host and from each other.