Q101. - (Topic 1)
You have a computer that runs Windows 7.
You run the Configure Backup wizard as shown in the exhibit. (Click the Exhibit button.)
You need to ensure that you can back up the computer to a local disk drive. What should
you do before you run the Configure Backup wizard?
A. Connect a removable disk.
B. Log on as an administrator.
C. Start the Volume Shadow Copy Service (VSS).
D. Add your user account to the Backup Operators group.
Answer: A
Explanation:
An external hard drive External hard drives can be removed and stored in a secure location. However, they are typically slower than internal hard drives and tend to be less reliable, mainly because they are by default formatted using FAT rather than NTFS. You cannot use an external hard drive for a System Image backup unless you convert its filing system to NTFS. Because it is easily removable, it is more likely that an external hard drive will be missing when a scheduled backup is required. (Local disk drive was specified, not internal)NOT AdministratorYou need administrator credentials to configure scheduled backups or to manually initiate a backup. However, restoring files does not require administrator privileges unless a user attempts to restore another user's file. (NOTE: The issue was a lack of location to store the Backup, not being about to run the Configure Backup, thus it was assumed that the user in this scenario had administrator credentials)NOT Backup OperatorsMembers of this group are able to override file and folder access restrictions for the purpose of backing up data. You can allow a user to back up files and directories by assigning them to the Backup Operators group rather than by modifying the Back Up Files and Directories policy.NOT VSSVSS is installed on computers running Windows 7. Its startup type is Manual. The service starts as needed. If the service does not start when required, shadow copies are unavailable for backup and Windows Backup does not succeed. Nor can you create restore points and previous versions. In this case, check the service and ensure that it has not been disabled.
Q102. - (Topic 5)
You have a virtual hard disk (VHD) and a computer that runs Windows 7.
The VHD has Windows 7 installed.
You need to start the computer from the VHD.
What should you do?
A. Run the System Configuration Utility and modify the Boot section.
B. Run the System Configuration Utility and modify the Startup section.
C. Run Bootcfg.exe and specify the /Copy parameter.
D. Run Bcdedit.exe and modify the Windows Boot Manager settings.
Answer: D
Q103. HOTSPOT - (Topic 4)
A user is attempting to connect to a secure remote Microsoft SQL database on a computer running Windows 7 Professional. The computer communicates on port 1433. A rule in Windows Firewall with Advanced Security allows communication. The user cannot connect to the database on the currently defined protocol due to an error in protocol type. You need to ensure that users can connect to the database.
Which setting should you choose? (To answer, select the appropriate setting in the work area.)
Answer:
Q104. - (Topic 2)
You have a computer that runs Windows 7. The computers hard disks are configured as shown in the following table.
You need to ensure that you can recover the operating system and all the files on the computer if both hard disks fail.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A. Create a system image.
B. Create a system repair disc.
C. Shrink C and then create a new partition.
D. Connect an external hard disk to the computer.
Answer: A,D
Explanation:
A System Image is a copy of all the files and folders on the system disk (and other specified hard disks) on a computer. You can use a System Image backup to restore the computer to exactly what its configuration was when the System Image backup was created.
External hard drives can be removed and stored in a secure location.NOT System Repair Disc:A system repair disc can be used to boot your computer. It also contains Windows system recovery tools that can help you recover Windows from a serious error or restore your computer from a system image. It does not actually save the data and will only help if a system image exists elsewhere.NOT Shrink: All partitions are inaccessible is a hard disk fails.
Q105. - (Topic 1)
You have a computer that runs Windows Vista Service Pack 2 (SP2).
You need to upgrade the computer to Windows 7.
What should you do?
A. Start the computer from the Windows 7 installation media and select the Upgrade option.
B. Start the computer from the Windows 7 installation media and select the Custom (advanced) option.
C. From Windows Vista, run Setup.exe from the Windows 7 installation media and select the Upgrade option.
D. From Windows Vista, run Setup.exe from the Windows 7 installation media and select the Custom (advanced) option.
Answer: C
Explanation:
Upgrading Windows Vista to Windows 7 instructionsAccess the Windows 7 installation source and double-click Setup.exe. When prompted by User Account Control, click Allow. This loads the Install Windows page. Click Install Now.Other NotesYou can upgrade computers running Windows Vista to Windows 7. When you upgrade from Windows Vista to Windows 7, all documents, settings, applications, and user accounts that existed on the computer running Windows Vista are available when the upgrade is finished. The advantage to an upgrade is that it allows you to keep the current application configuration. When you perform a migration, you need to reinstall the user's applications on the new computer. As mentioned previously, this can be problematic in organizations that are not careful about keeping track of which specific set of applications are installed on each user's computer. Prior to attempting to perform the upgrade from Windows Vista to Windows 7, you should run the Windows 7 Upgrade Advisor. The Windows 7 Upgrade Advisor is an application that you can download from Microsoft's Web site that will inform you if Windows 7 supports a computer running the current hardware and software configuration of Windows Vista. Prior to running the Windows 7 Upgrade Advisor, you should ensure that all hardware that you want to use with Windows 7, such as printers, scanners, and cameras, are connected to the computer. The Upgrade Advisor generates a report that informs you of which applications and devices are known to have problems with Windows
7. A similar compatibility report is generated during the upgrade process, but the version created by the Windows 7 Upgrade Advisor is more likely to be up to date.
Q106. - (Topic 2)
You have a computer that runs windows 7.
You have a third-party application.
You need to ensure that only a specific version of the application runs on the computer.
You have the application vendor's digital signature.
What should you do?
A. From Application Control Policies, configure a path rule.
B. From Application Control Policies, configure a publisher rule.
C. From Software Restriction policies, configure a path rule.
D. From Software Restriction policies, configure a certificate rule.
Answer: B
Explanation:
AppLocker Application Control Policies AppLocker is a feature new to Windows 7 that is available only in the Enterprise and Ultimate editions of the product. AppLocker policies are conceptually similar to Software Restriction Policies, though AppLocker policies have several advantages, such as the ability to be applied to specific user or group accounts and the ability to apply to all future versions of a product. As you learned earlier in this chapter, hash rules apply only to a specific version of an application and must be recalculated whenever you apply software updates to that application. AppLocker policies are located in the Computer Configuration\Windows Settings\ Security Settings \Application Control Policies node of a standard Windows 7 or Windows Server 2008 R2 GPO. AppLocker relies upon the Application Identity Service being active. When you install Windows 7, the startup type of this service is set to Manual. When testing AppLocker, you should keep the startup type as Manual in case you configure rules incorrectly. In that event, you can just reboot the computer and the AppLocker rules will no longer be in effect. Only when you are sure that your policies are applied correctly should you set the startup type of the Application Identity Service to Automatic. You should take great care in testing AppLocker rules because it is possible to lock down a computer running Windows 7 to such an extent that the computer becomes unusable. AppLocker policies are sometimes called application control policies. AppLocker Application Control Policies - Publisher Rules Publisher rules in AppLocker work on the basis of the code-signing certificate used by the file's publisher. Unlike a Software Restriction Policy certificate rule, it is not necessary to obtain a certificate to use a publisher rule because the details of the digital signature are extracted from a reference application file. If a file has no digital signature, you cannot restrict or allow it using AppLocker publisher rules. Publisher rules allow you more flexibility than hash rules because you can specify not only a specific version of a file but also all future versions of that file. This means that you do not have to re-create publisher rules each time you apply a software update because the existing rule remains valid. You can also allow only a specific version of a file by setting the Exactly option.AppLocker Application Control Policies - Path RulesAppLocker path rules work in a similar way to Software Restriction Policy path rules. Path rules let you specify a folder, in which case the path rule applies to the entire contents of the folder, including subfolders, and the path to a specific file. The advantage of path rules is that they are easy to create. The disadvantage of path rules is that they are the least secure form of AppLocker rules. An attacker can subvert a path rule if they copy an executable file into a folder covered by a path rule or overwrite a file that is specified by a path rule. Path rules are only as effective as the file and folder permissions applied on the computer.
Software Restriction Policies Software Restriction Policies is a technology available to clients running Windows 7 that is available in Windows XP, Windows Vista, Windows Server 2003, and Windows Server 2008. You manage Software Restriction Policies through Group Policy. You can find Software Restriction Policies in the Computer Configuration \Windows Settings\Security Settings\Software Restriction Policies node of a group policy. When you use Software Restriction Policies, you use the Unrestricted setting to allow an application to execute and the Disallowed setting to block an application from executing. You can achieve many of the same application restriction objectives with Software Restriction Policies that you can with AppLocker policies. The advantage of Software Restriction Policies over AppLocker policies is that Software Restriction Policies can apply to computers running Windows XP and Windows Vista, as well as to computers running Windows 7 editions that do not support AppLocker. The disadvantage of Software Restriction Policies is that all rules must be created manually because there are no built-in wizards to simplify the process of rule creation.Software Restriction Policies - Path Rules Path rules, allow you to specify a file, folder, or registry key as the target of a Software Restriction Policy. The more specific a path rule is, the higher its precedence. For example, if you have a path rule that sets the file C: \Program files\Application\App.exe to Unrestricted and one that sets the folder C:\Program files\Application to Disallowed, the more specific rule takes precedence and the application can execute. Wildcards can be used in path rules, so it is possible to have a path rule that specifies C:\Program files\Application\*.exe. Wildcard rules are less specific than rules that use a file's full path. The drawback of path rules is that they rely on files and folders remaining in place. For example, if you created a path rule to block the application C:\Apps\Filesharing.exe, an attacker could execute the same application by moving it to another directory or renaming it something other than Filesharing.exe. Path rules work only when the file and folder permissions of the underlying operating system do not allow files to be moved and renamed. Software Restriction Policies - Certificate Rules Certificate rules use a code-signed software publisher's certificate to identify applications signed by that publisher. Certificate rules allow multiple applications to be the target of a single rule that is as secure as a hash rule. It is not necessary to modify a certificate rule in the event that a software update is released by the vendor because the updated application will still be signed using the vendor's signing certificate. To configure a certificate rule, you need to obtain a certificate from the vendor. Certificate rules impose a performance burden on computers on which they are applied because the certificate's validity must be checked before the application can execute. Another disadvantage of certificate rules is that they apply to all applications from a vendor. If you want to allow only 1 application from a vendor to execute but the vendor has 20 applications available, you are better off using a different type of Software Restriction Policy because otherwise users can execute any of those other 20 applications.
Q107. - (Topic 5)
You administer computers that have Windows 7 and Internet Explorer 8 installed.
You want to log on to one of the computers and access a web-based management application that runs on a server by using Internet Explorer.
You need to ensure that any data about your browser session is not saved on the computer.
What should you do?
A. Disable Internet Connection Sharing.
B. From Internet Options, select Delete browsing history on exit.
C. Start the Microsoft Network Access Protection service.
D. From the Safety drop-down menu, configure InPrivate Filtering.
Answer: B
Q108. - (Topic 4)
You use a portable computer that has Windows 7 installed. The computer has a single hard disk drive and a dual-core CPU.
You need to analyze the performance of the computer to meet the following requirements:
. Include the CPU, Memory, Disk and Graphics subsystems.
. Rate the subsystems and find out the lowest-rated component.
What should you do?
A. Run powercfg.exe.
B. Run the Windows Experience Index.
C. Configure Event Viewer subscriptions.
D. Open Task Manager.
E. Open System Properties, and configure performance settings.
F. Open System Properties, and configure environment variables.
G. Open System Properties, and configure user profiles settings.
H. Open System Properties, and configure the page file settings.
I. Open Performance Monitor, and configure a Data Collector Set.
J. Open Performance Monitor, and customize the System Monitor view.
Answer: B
Q109. - (Topic 4)
A company has client computers that run Windows 7 Enterprise.
A user has saved files in a C:\Users\ folder that coworkers must be able to read and edit.
However, when coworkers try to edit those files, they get an "Access Denied" error.
You need to configure new NTFS permissions for the user's C:\Users\ folder to ensure that the coworkers have access to write to that folder.
Which two choices should you use to achieve this goal? (Each correct answer presents a complete solution. Choose two.)
A. share permissions
B. the folder Properties window
C. the User Account Control Settings Control Panel window
D. the Group Policy management console
E. the Services management console
F. Local Users and Groups
G. the netsh command
H. Device Manager
I. the icacls command
Answer: B,I
Q110. - (Topic 2)
You have a computer that runs windows 7. You have a system image of the computer. You need to restore a single file from the system image. You must achieve the goal using minimum administrative effort. What should you do?
A. From Disk Management, select Attach VHD.
B. From the Backup and Restore, select restore my files.
C. Restart the computer and run system restore.
D. Restart the computer and run system image recovery.
Answer: A
Explanation:
Attach VHD: Attaching a VHD activates the VHD so that it appears on the host computer as a local hard disk drive. This is sometimes called "surfacing a VHD" because the VHD is now visible to users. If the VHD already has a disk partition and file system volume when you attach it, the volume inside the VHD is assigned a drive letter. The assigned drive letter is then available for use, similar to when you insert a USB flash drive into a USB connector. All users (not just the current user) can use the attached VHD in the same way they use other volumes on local physical hard disk drives (depending on security permissions). Furthermore, because you can attach a VHD that is located on a remote server message block (SMB), you can manage your images remotely. Once attached the single file can be restored. The other answers are overkill or replace all files not just the one required.
http://technet.microsoft.com/en-us/library/dd440865%28WS.10%29.aspx
What is system protection? System protection is a feature that regularly creates and saves information about your computer's system files and settings. System protection also saves previous versions of files that you've modified. It saves these files in restore points, which are created just before significant system events, such as the installation of a program or device driver. They're also created automatically once every seven days if no other restore points were created in the previous seven days, but you can create restore points manually at any time.
System protection is automatically on for the drive that Windows is installed on. System protection can only be turned on for drives that are formatted using the NTFS file system.
There are two ways that you can take advantage of system protection:
* If your computer is running slowly or isn't working properly, you can use System Restore to return your computer's system files and settings to an earlier point in time using a restore point.
* If you accidentally modify or delete a file or folder, you can restore it to a previous version that's saved as part of a restore point.