70-742 PDF Dumps

How to use our free microsoft 70-742 PDF Dumps

Our Free 70-742 PDF dumps are based on the full 70-742 mock exams which are available on our Web Site. The microsoft 70-742 PDF consists in questions and answers with detailed explanations.
You can use the PDF 70-742 practice exam as a study material to pass the 70-742 exam, and don't forget to try also our 70-742 testing engine Web Simulator.

On-Line Users: {{voteInfo.result.viewUsers}}
Subscribed Users: {{voteInfo.result.subscribedUsers}}
Thank you for your vote {{voteInfo.result.stars}} Your vote has already been submitted ({{voteInfo.result.votingPeople}} votes)

Follow us on SlideShare to see the latest available 70-742 tests pdf.

										
											Q1.Your network contains an Active Directory forest named contoso.com. The forest contains three domains
named contoso.com, corp.contoso.com, and ext.contoso.com. The forest contains three Active Directory sites
named Site1, Site2, and Site3.
You have the three administrators as described in the following table.

[PIC-1]

You create a Group Policy object (GPO) named GPO1.
Which administrator or administrators can link GPO1 to Site2?
 - A:   Admin1 and Admin2 only
 - B:   Admin1, Admin2, and Admin3
 - C:   Admin3 only
 - D:   Admin1 and Admin3 only

 solution: D

Explanation:
To link an existing GPO to a site, domain, or OU, you must have Link GPOs permission on that site, domain, or
OU. By default, only domain administrators and enterprise administrators have this privilege for domains and
OUs. Enterprise administrators and domain administrators of the forest root domain have this privilege for sites.
References:
https://technet.microsoft.com/en-us/library/cc732979(v=ws.11).aspx


Q2.Your network contains an Active Directory domain named contoso.com.
You have an organizational unit (OU) named TestOU that contains test computers.
You need to enable a technician named Tech1 to create Group Policy objects (GPOs) and to link the GPOs to
TestOU. The solution must use the principle of least privilege.
Which two actions should you perform? Each correct answer presents part of the solution.
 - A:   Add Tech1 to the Group Policy Creator Owners group.
 - B:   From Group Policy Management, modify the Delegation settings of the TestOU OU.
 - C:   Add Tech1 to the Protected Users group.
 - D:   From Group Policy Management, modify the Delegation settings of the contoso.com container.
 - E:   Create a new universal security group and add Tech1 to the group.

 solution: A, B

Explanation:
The Group Policy Creator Owners group lets its members create new GPOs.
You can delegate the ability for users to be given the ability to link GPOs to an OU or domain via the Delegation
tab of the OU/domain/site within the GPMC.
References: 
http://www.itprotoday.com/management-mobility/what-group-policy-creator-owners-group 
http://www.itprotoday.com/management-mobility/how-do-i-delegate-permissions-someone-edit-gpo


Q3.You have users that access web applications by using HTTPS. The web applications are located on the servers
in your perimeter network. The servers use certificates obtained from an enterprise root certification authority
(CA). The certificates are generated by using a custom template named WebApps. The certificate revocation
list (CRL) is published to Active Directory.
When users attempt to access the web applications from the Internet, the users report that they receive a
revocation warning message in their web browser. The users do not receive the message when they access
the web applications from the intranet.
You need to ensure that the warning message is not generated when the users attempt to access the web
applications from the Internet.
What should you do?
 - A:   Install the Certificate Enrollment Web Service role service on a server in the perimeter network.
 - B:   Modify the WebApps certificate template, and then issue the certificates used by the web application

servers.
 - C:   Install the Web Application Proxy role service on a server in the perimeter network. Create a publishing

point for the CA.
 - D:   Modify the CRL distribution point, and then reissue the certificates used by the web application servers.

 solution: D



Q4.You network contains an Active Directory domain named contoso.com. The domain contains 1,000 desktop
computers and 500 laptops. An organizational unit (OU) named OU1 contains the computer accounts for the
desktop computers and the laptops.
You create a Windows PowerShell script named Script1.ps1 that removes temporary files and cookies. You
create a Group Policy object (GPO) named GPO1 and link GPO1 to OU1.
You need to run the script once weekly only on the laptops.
What should you do?
 - A:   In GPO1, create a File preference that uses item-level targeting.
 - B:   In GPO1, create a Scheduled Tasks preference that uses item-level targeting.
 - C:   In GPO1, configure the File System security policy. Attach a WMI filter to GPO1.
 - D:   In GPO1, add Script1.ps1 as a startup script. Attach a WMI filter to GPO1.

 solution: B



Q5.Your company recently deployed a new child domain to an Active Directory forest.
You discover that a user modified the Default Domain Policy to configure several Windows components in the
child domain.
A company policy states that the Default Domain Policy must be used only to configure domain-wide security
settings.
You create a new Group Policy object (GPO) and configure the settings for the Windows components in the
new GPO.
You need to restore the Default Domain Policy to the default settings from when the domain was first installed.
What should you do?
 - A:   From Group Policy Management, click Starter GPOs, and then click Manage Backups.
 - B:   From a command prompt, run the dcgpofix.exe command.
 - C:   From Windows PowerShell, run the Copy-GPO cmdlet.
 - D:   Run ntdsutil.exe to perform a metadata cleanup and a semantic database analysis.

 solution: B



Q6.Your network contains an Active Directory domain named contoso.com.
You have an organizational unit (OU) named OU1 that contains the computer accounts of two servers and the
user account of a user named User1. A Group Policy object (GPO) named GPO1 is linked to OU1.
You have an application named App1 that installs by using an application installer named App1.exe.
You need to publish App1 to OU1 by using Group Policy.
What should you do?
 - A:   Create a Config.zap file and add a file to the File System node to the Computer Configuration node of



GPO1.
 - B:   Create a Config.xml file and add a software installation package to the User Configuration node of GPO1.
 - C:   Create a Config.zap file and add a software installation package to the User Configuration node of GPO1.
 - D:   Create a Config.xml file and add a software installation package to the Computer Configuration node of

GPO1.

 solution: C



Q7.Your network contains an Active Directory domain named contoso.com.
You have a Group Policy object (GPO) named GPO1. GPO1 is linked to an organizational unit (OU) named
OU1.
GPO1 contains several corporate desktop restrictions that apply to all computers.
You plan to deploy a printer to the computers in OU1.
You need to ensure that any user who signs in to a computer that runs Windows 10 in OU1 receives the new
printer. All of the computers in OU1 must continue to apply the corporate desktop restrictions from GPO1.
What should you configure?
 - A:   a user preference and a WMI filter on GPO1.
 - B:   a computer preference that uses item-level targeting
 - C:   a computer preference and WMI filter on GPO1
 - D:   a user preference that uses item-level targeting

 solution: B



Q8.Note: This question is part of a series of questions that use the same or similar answer choices. An answer
choice may be correct for more than one question in the series. Each question is independent of the other
questions in this series.
Information and details provided in a question apply only to that question.
Your network contains an Active Directory domain named contoso.com. The domain contains 5,000 user
accounts.
You have a Group Policy object (GPO) named DomainPolicy that is linked to the domain and a GPO named
DCPolicy that is linked to the Domain Controllers organizational unit (OU).
You need to use the application control policy settings to prevent several applications from running on the
network.
What should you do?
 - A:   From the Computer Configuration node of DCPolicy, modify Security Settings.
 - B:   From the Computer Configuration node of DomainPolicy, modify Security Settings.
 - C:   From the Computer Configuration node of DomainPolicy, modify Administrative Templates.
 - D:   From the User Configuration node of DCPolicy, modify Security Settings.
 - E:   From the User Configuration node of DomainPolicy, modify Folder Redirection.
 - F:   From user Configuration node of DomainPolicy, modify Administrative Templates.
 - G:   From Preferences in the User Configuration node of DomainPolicy, modify Windows Settings.
 - H:   From Preferences in the Computer Configuration node of DomainPolicy, modify Windows Settings.

 solution: B



Q9.Note: This question is part of a series of questions that use the same or similar answer choices. An answer
choice may be correct for more than one question in the series. Each question is independent of the other
questions in this series.
Information and details provided in a question apply only to that question.
Your network contains an Active Directory domain named contoso.com. The domain contains 5,000 user
accounts.
You have a Group Policy object (GPO) named DomainPolicy that is linked to the domain and a GPO named
DCPolicy that is linked to the Domain Controllers organizational unit (OU).
You need to configure the Documents folder of every user to be stored on a server named FileServer1.
What should you do?
 - A:   From the Computer Configuration node of DCPolicy, modify Security Settings.
 - B:   From the Computer Configuration node of DomainPolicy, modify Security Settings.
 - C:   From the Computer Configuration node of DomainPolicy, modify Administrative Templates.
 - D:   From the User Configuration node of DCPolicy, modify Security Settings.
 - E:   From the User Configuration node of DomainPolicy, modify Folder Redirection.
 - F:   From user Configuration node of DomainPolicy, modify Administrative Templates.
 - G:   From Preferences in the User Configuration node of DomainPolicy, modify Windows Settings.
 - H:   From Preferences in the Computer Configuration node of DomainPolicy, modify Windows Settings.

 solution: E



Q10.Note: This question is part of a series of questions that use the same or similar answer choices. An answer
choice may be correct for more than one question in the series. Each question is independent of the other
questions in this series.
Information and details provided in a question apply only to that question.
Your network contains an Active Directory domain named contoso.com. The domain contains 5,000 user


accounts.
You have a Group Policy object (GPO) named DomainPolicy that is linked to the domain and a GPO named
DCPolicy that is linked to the Domain Controllers organizational unit (OU).
You need to force users to change their account password at least every 30 days.
What should you do?
 - A:   From the Computer Configuration node of DCPolicy, modify Security Settings.
 - B:   From the Computer Configuration node of DomainPolicy, modify Security Settings.
 - C:   From the Computer Configuration node of DomainPolicy, modify Administrative Templates.
 - D:   From the User Configuration node of DCPolicy, modify Security Settings.
 - E:   From the User Configuration node of DomainPolicy, modify Folder Redirection.
 - F:   From user Configuration node of DomainPolicy, modify Administrative Templates.
 - G:   From Preferences in the User Configuration node of DomainPolicy, modify Windows Settings.
 - H:   From Preferences in the Computer Configuration node of DomainPolicy, modify Windows Settings.

 solution: B