70-685 MCITP

Exam : Microsoft 70-685

Title : Pro: Windows 7, Enterprise Desktop Support Technician

1. All client computers on your company network run Windows 7 and are members of a Windows Server 2008 R2

domain. The R&D department staff are local administrators on their computers and are members of the R&D global

security group.

A new version of a business software application is available on the network.

You plan to apply an AppLocker security policy to the R&D group.

You need to ensure that members of the R&D group are not allowed to upgrade the software.

What should you do?

A. Create an Audit only restriction based on the version of the software.

B. Create an Audit only restriction based on the publisher of the software.

C. Create an Enforce rule restriction based on the version of the software.

D. Create an Enforce rule restriction based on the publisher of the software.

Answer: C

2. All client computers on your company network run Windows 7.

The preview displayed in the Content view of Windows Explorer and the Search box is considered a security risk by

your company.

You need to ensure that documents cannot be previewed in the Content view.

What should you do?

A. Change the Windows Explorer view to the List view and disable all Search indexes.

B. Set Group Policy to enable the Remove See More Results/Search Everywhere link setting.

C. Set Group Policy to enable the Turn off the display of snippets in Content view mode setting.

D. Set Group Policy to enable the Turn off display of recent search entries in the Windows Explorer search box

setting.

Answer: C

3. All client computers on your company network run Windows 7 and are members of an Active Directory Domain

Services domain.

The application control method was established by using Software Restriction Policies. These Software Restriction

Policies were deployed in a single Group Policy object (GPO) linked to the Organizational Unit (OU) that contains the

computers.

You plan to deploy Microsoft Office 2007 and configure AppLocker as the control within the GPO.

You need to ensure that core business applications continue to function.

What should you do?

A. Move the AppLocker rules to a different GPO.

B. Create new AppLocker rules that allow only digitally signed applications.

C. Create a new GPO. Apply the Software Restriction Policy and the AppLocker rules to the new GPO.

D. Recreate the AppLocker rules and apply them to the local security policy of each computer.

Answer: A

4. All client computers on your company network run Windows 7. A standard Windows 7 image is loaded on all new

computers on the network.

A department in your company purchases several tablet computers. Employees report that the pen interface does not work on the tablet computers.

You need to ensure that employees can use the pen interface.

What should you do?

A. Turn on the Media Features.

B. Turn on the Tablet PC Components.

C. Start the WMI Performance Adapter service and set it to Automatic.

D. Start the Human Interface Device Access service and set it to Automatic.

Answer: B

5. All client computers on your company network run Windows 7 and are members of an Active Directory Domain

Services domain.

AppLocker is configured to allow only approved applications to run.

Employees with standard user account permissions are able to run applications that install into the user profile folder.

You need to prevent standard users from running unauthorized applications.

What should you do?

A. Create Executable Rules by selecting the Create Default Rules option.

B. Create Windows Installer Rules by selecting the Create Default Rules option.

C. Create the following Windows Installer Rule:

Deny - Everyone - %OSDRIVE%UsersDownloads*

D. Create the following Executable Rule:

Deny - Everyone - %OSDRIVE%UsersDocuments*

Answer: A