70-398 | Refresh 70-398 Exam Study Guides With New Update Exam Questions


Q11. A company has a policy that all data stored on a corporate mobile device must be encrypted.

You need a management solution that enforces the policy.

Which two management solutions should you use? Each correct answer presents part of the solution.

A. Windows Server 2012 R2 Active Directory Certificate Services Server role.

B. Microsoft Exchange ActiveSync.

C. System Center 2012 R2 Configuration Manager.

D. Microsoft Operations Management Suite.

E. Microsoft Intune Mobile Device Management.

Answer: B,E

Q12. DRAG DROP

You are deploying Windows 10 clients for a small company. The environment does not have access to any network shares, and USB drives are not allowed.

You need to determine which recovery options you can use.

For each scenario, which recovery option should you use? To answer, drag the appropriate recovery tool to the correct scenario. Each recovery tool may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. Each correct answer is worth one point.

Answer:

Q13. DRAG DROP 

Your organization is deploying new Windows 10 devices. You create a new organizational unit that contains all Windows 10 devices.

You are preparing a new security policy for Windows 10 devices. Your organization requires audits on the use of removable storage devices on personal devices.

You need to enable audits of removable storage.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Q14. You manage an Active Directory Domain Services (AD DS) domain that has 500 devices. All devices run Windows 7 Enterprise Edition. You deploy System Center 2012 R2 Configuration Manager SP1.

You plan to upgrade all devices to Windows 10 Enterprise and encrypt the devices by using Microsoft BitLocker Administration and Monitoring (MBAM), Data secured with BitLocker must not be stored on USB devices.

You need to ensure that existing devices are ready for the upgrade. What should you do?

A. Implement MBAM in thedomain. Create an MBAM group policy and apply the policy to all devices.

B. Verify that the System Center Configuration Manager agent is installed on all devices.

C. In the system BIOS, verify that all devices have a Trusted Platform Module (TPM) 1.2 or higher chip. Enable the TPM chip.

D. Integrate MBAM with System Center Configuration Manager. Deploy the BitLocker prepare task sequence to all laptop computers.

E. From System Center Configuration Manager, create a custom deploy task sequence that enables MBAM. Deploy the task sequence to all Windows 7 devices.

Answer: B

Q15. You are a network administrator for a company that has an Office 365 E3 subscription. You purchase Enterprise Mobility Suite licenses. You implement synchronization by using a federated identity model.

Passwords for Sales team users often expire while they are travelling. When this happens, the users are not able to log on to the virtual private network (VPN) to perform their duties. Users must be able to reset their own passwords.

You need to enable password write-back. Which application should you configure?

A. Web Application Proxy

B. Active Directory Federation Services (AD FS)

C. Microsoft Online Services Sign-in Assistant

D. Directory Synchronization (DirSync)

E. Azure Active Directory Connect

Answer: E

Q16. You configure Windows Remote Desktop to allow remote connections. You are testing the remote desktop connection.

When users that are not administrators sign in to the Remote Desktop Connection, the following error message displays: “To sign in remotely, you need the right to sign in through Remote Desktop Services.”

You need to ensure that all employees can access resources by using Remote Desktop Connection.

What should you do?

A. In the local group policy, configure the Remote Desktop Connection Client to prompt for credentials on the client.

B. Create a Group Policy Object that enables the Windows Firewall to allow inbound Remote Desktop Exceptions.

C. Ensure that the employee’s device is joined to the domain.

D. In Computer Management, add the Authenticated Users group to the Remote Users group.

Answer: D

Q17. DRAG DROP 

Your organization is deploying new Windows 10 devices. You create a new organizational unit that contains all Windows 10 devices.

You are preparing a new security policy for Windows 10 devices. Your organization requires audits on the use of removable storage devices on personal devices.

You need to enable audits of removable storage.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Q18. HOTSPOT

A company integrates Microsoft Intune with System Center 2012 R2 Configuration Manager. The company uses Intune to manage Windows 7 and Windows 10 devices along with mobile devices. Users access company data by using iOS, OS X, Windows Phone, and Android devices.

The company plans to use features of the Microsoft Enterprise Mobility Suite to increase user mobility and ensure data protection. All users must be able to run a custom 32-bit Windows app. The app cannot be migrated.

You need to ensure that the app is accessible from all devices.

In the table below, for each technology, identify which feature to implement.

NOTE: Make only one selection in each column. Each correct answer is worth one point.

Answer:

Q19. A company has tablet devices that run Windows 10. You configure auditing for devices. You need to determine which audit policies are configured on the devices.

What should you do?

A. At a command prompt, run the following command:auditpol

B. Run the following Windows PowerShell cmdlet:Get-AdminAuditLogConfig

C. At a command prompt, run the following command:Dsget

D. At a command prompt, run the following command:Winrm

E. Run the following Windows PowerShell cmdlet:Get-AuditLogSearch

Answer: A

ProseWare Inc.

Background

ProseWare, Inc.is a software company that specializes in developing smartphone apps that work on multiple platforms. The main office for the company is located in Atlanta. The company has branch offices in Tokyo and Paris.

The company recently published a new game. The game has sold over 10 million copies in

the first year. In the same period, 25 million copies of the free version of the game were downloaded. ProseWare also developed a user productivity app named MyNotesPro.

Employees

Due to the massive demand for the game and for potential new versions and features, ProseWare plans to increase their staff from 100 to 1,000 employees. The employees will be evenly distributed between the three locations. Each employee will have a tablet device that runs Windows 10.

ProseWare plans to connect all offices together by using high-speed internet links. Each employee will be issued a smartphone that runs Apple iOS, Android, or Windows 10. The quality assurance (QA) department includes 50 employees. Each QA department employee will be issued three smartphone devices, one device for each of the operating systems. ProseWare uses Microsoft Intune to manage devices. The company has joined the Apple Device Enrollment program.

Current environment

You create a virtual machine (VM) named RemApp1 in Microsoft Azure by using the Windows Server Remote Desktop Session Host gallery image. Users in the Training department connect to the VM and run several training apps.

You have a file server named FILER01 that runs Windows Server 2012 R2.

In Azure, you create a virtual network and a DNS record. You implement directory synchronization between the on-premises domain and Azure.

You have purchased Remote Desktop Services Client Access Licenses.

Business Requirements

All employees will be given access to a suite of ProseWare premium apps that includes MyNotesPro. You must provide access to the apps by using Azure RemoteApp.

The Atlanta corporate headquarters performs training on a weekly basis for all Tokyo and Paris employees. The training is conducted by using Microsoft Skype for Business on Windows 10 Enterprise devices. You configure the devices to display content in the respective language for the location. Some of the trainers in Atlanta speak Japanese or French.

The Chief Technology Officer requires the following reports:

Technical Requirements

Employees must be able to download and install the appropriate RemoteApp client for their specific mobile device. The procedure for installing RemoteApp clients differs for each mobile operating system. All users must have access to the Azure RemoteApp infrastructure on their mobile devices in order to access the ProseWare premium apps.

All apps must be centrally managed and updated. You must ensure that the apps are available to all employees. Employees must install all apps from a common source location. The ProseWare apps must only be installed on employee devices.

You must import RemApp1 into the Azure RemoteApp Template Image Library. RemApp1 will host the Proseware premium apps.

Some of the apps must be able to access data kept in the on-premises servers at the Atlanta office.

You must design a Work Folders solution on a FILER01. You have the following requirements:

*You must encrypt all data that is synchronized.

*You must synchronize settings every 60 minutes.

*You must restrict the size of each file that is synchronized to 5 gigabytes.

Q20. DRAG DROP 

Your organization needs to implement a Dynamic Access Control (DAC) plan that includes user and device claims.

The domain controllers have not been enabled to provide claims and compound authentication.

You need to configure the Default Domain Controller’s Group Policy Object to provide claims and compound authentication.

You decide to first enable the domain controllers to provide claims and compound authentication on request.

In which order should you perform the actions? To answer, move all actions from the list of actions to the answer area and arrange them in the correct order.

Answer: