Download Windows 10.DrunkMonk.MD-100.2021-07-18.6e.209q.vcex

Download Exam

File Info

Exam Windows 10
Number MD-100
File Name Windows 10.DrunkMonk.MD-100.2021-07-18.6e.209q.vcex
Size 17.29 Mb
Posted July 18, 2021
Downloads 12
Download Windows 10.DrunkMonk.MD-100.2021-07-18.6e.209q.vcex

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Purchase

Coupon: MASTEREXAM
With discount: 20%



 
 



Demo Questions

Question 1

Your company has an isolated network used for testing. The network contains 20 computers that run Windows 10. The computers are in a workgroup. During testing, the computers must remain in the workgroup. 
You discover that none of the computers are activated. 
You need to recommend a solution to activate the computers without connecting the network to the Internet. 
What should you include in the recommendation?

  • A: Volume Activation Management Tool (VAMT)
  • B: Key Management Service (KMS)
  • C: Active Directory-based activation
  • D: the Get-WindowsDeveloperLicense cmdlet

Correct Answer: A

A. Volume Activation Management Tool (VAMT) (correct) 
B. Key Management Service (KMS) (needs more than 25 computers) 
C. Active Directory-based activation (needs to be domain member) 
D. the Get-WindowsDeveloperLicense cmdlet (shows developer license) 
Reference:
https://docs.microsoft.com/en-us/windows/deployment/volume-activation/introduction-vamt




Question 2

You plan to deploy Windows 10 to 100 secure computers. 
You need to select a version of Windows 10 that meets the following requirements:
Uses Microsoft Edge as the default browser 
Minimizes the attack surface on the computer 
Supports joining Microsoft Azure Active Directory (Azure AD) 
Only allows the installation of applications from the Microsoft Store 
What is the best version to achieve the goal? More than one answer choice may achieve the goal.  
Select the BEST answer.

  • A: Windows 10 Pro in S mode
  • B: Windows 10 Home in S mode
  • C: Windows 10 Pro
  • D: Windows 10 Enterprise

Correct Answer: A

Windows 10 in S mode is a version of Windows 10 that's streamlined for security and performance, while providing a familiar Windows experience. To increase security, it allows only apps from the Microsoft Store, and requires Microsoft Edge for safe browsing. 
Azure AD Domain join is available for Windows 10 Pro in S mode and Windows 10 Enterprise in S mode. 
It's not available in Windows 10 Home in S mode. 
References:
https://docs.microsoft.com/es-es/windows/deployment/s-mode
https://support.microsoft.com/en-gb/help/4020089/windows-10-in-s-mode-faq




Question 3

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. 
You have a computer named Computer1 that runs Windows 10. 
A service named Application1 is configured as shown in the exhibit:

    

You discover that a user used the Service1 account to sign in to Computer1 and deleted some files. You need to ensure that the identity used by Application1 cannot be used by a user to sign in to sign in to the desktop on Computer1.  
The solution must use the principle of least privilege.  
Solution: On Computer1, you configure Application1 to sign in as the LocalSystem account and select the Allow service to interact with desktop check box. You delete the Service1 account. 
Does this meet the goal?

  • A: Yes 
  • B: No

Correct Answer: B

Configuring Application1 to sign in as the LocalSystem account would ensure that the identity used by Application1 cannot be used by a user to sign in to the desktop on Computer1. However, this does not use the principle of least privilege. The LocalSystem account has full access to the system. Therefore, this solution does not meet the goal. 
References:
https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/deny-log-on-locally




Question 4

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. 
You have a computer named Computer1 that runs Windows 10. 
A service named Application1 is configured as shown in the exhibit:

    

You discover that a user used the Service1 account to sign in to Computer1 and deleted some files. You need to ensure that the identity used by Application1 cannot be used by a user to sign in to sign in to the desktop on Computer1.  
The solution must use the principle of least privilege.  
Solution: On Computer1, you assign Service1 the deny log on as a service user right.
Does this meet the goal?

  • A: Yes
  • B: No 

Correct Answer: A

By using the Service1 account as the identity used by Application1, we are applying the principle of least privilege as required in this question. 
However, the Service1 account could be used by a user to sign in to the desktop on the computer. To sign in to the desktop on the computer, an account needs the log on locally right which all user accounts have by default. Therefore, we can prevent this by assigning Service1 the deny log on locally user right. 
References:
https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-service




Question 5

You have a Microsoft Azure Active Directory (Azure AD) tenant. Some users sign in to their computer by using Windows Hello for Business.  
A user named User1 purchases a new computer and joins the computer to Azure AD. User1 attempts to configure the sign-in options and receives the error message shown in the exhibit 

    

You open Device Manager and confirm that all the hardware works correctly. You need to ensure that User1 can use Windows Hello for Business facial recognition to sign in to the computer. 
What should you do first?

  • A: Purchase an infrared (IR) camera.
  • B: Upgrade the computer to Windows 10 Enterprise.
  • C: Enable UEFI Secure Boot. 
  • D: Install a virtual TPM driver.

Correct Answer: A

Windows Hello facial recognition requires an infrared (IR) camera. If your device does not have an infrared camera (or any other biometric device such as a fingerprint scanner), you will see the message shown in the exhibit. The question states that Device Manager shows all hardware is working properly. Therefore, it is not the case that the computer has an IR camera but it isn't working properly. The problem must be that the computer does not have an IR camera. 
Incorrect Answers:
B: Windows 10 Enterprise is not required for Windows Hello. Windows Hello also works on Windows 10 Pro. 
C: UEFI Secure Boot is not required for Windows Hello.
D: A virtual TPM driver is not required for Windows Hello.
References:
https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-planning-guide




Question 6

Your company uses Microsoft Deployment Toolkit (MDT) to deploy Windows 10 to new computers. 
The company purchases 1,000 new computers. 
You need to ensure that the Hyper-V feature is enabled on the computers during the deployment.  
What are two possible ways to achieve the goal?  
Each correct answer presents part of the solution. 
NOTE: Each correct selection is worth one point.

  • A: Add a task sequence step that adds a provisioning package.
  • B: In a Group Policy object (GPO), from Computer Configuration, configure Application Control Policies.
  • C: Add a custom command to the Unattend.xml file.
  • D: Add a configuration setting to Windows Deployment Services (WDS).
  • E: Add a task sequence step that runs dism.exe.

Correct Answer: CE

A common way to add a feature such as Hyper-V in MDT is to use the Install Roles and Features task sequence action. However, that is not an option in this question. 
The two valid options are to a command to the Unattend.xml file or to add a task sequence step that runs dism.exe. 
To add Hyper-V using dism.exe, you would run the following dism command:
DISM /Online /Enable-Feature /All /FeatureName:Microsoft-Hyper-V
References:
https://docs.microsoft.com/en-us/windows/deployment/deploy-windows-mdt/create-a-windows-10-reference-image  
https://mdtguy.wordpress.com/2016/09/14/mdt-fundamentals-adding-features-using-dism-from-within-the-task-sequence/  
https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/quick-start/enable-hyper-v




Question 7

Your network contains an Active Directory domain that is synced to a Microsoft Azure Active Directory (Azure AD) tenant. 
Your company purchases a Microsoft 365 subscription. 
You need to migrate the Documents folder of users to Microsoft OneDrive for Business. 
What should you configure?

  • A: One Drive Group Policy settings
  • B: roaming user profiles
  • C: Enterprise State Roaming
  • D: Folder Redirection Group Policy settings

Correct Answer: A

You need to configure a Group Policy Object (GPO) with the OneDrive settings required to redirect the Documents folder of each user to Microsoft 365. 
Importing the OneDrive group policy template files into Group Policy adds OneDrive related settings that you can configure in your Group Policy. 
One of the group policy settings enables you to redirect 'Known Folders' to OneDrive for business. Known folders are Desktop, Documents, Pictures, Screenshots, and Camera Roll. 
There are two primary advantages of moving or redirecting Windows known folders to OneDrive for the users in your domain:
Your users can continue using the folders they're familiar with. They don't have to change their daily work habits to save files to OneDrive. 
Saving files to OneDrive backs up your users' data in the cloud and gives them access to their files from any device. 
References:
https://docs.microsoft.com/en-us/onedrive/redirect-known-folders?redirectSourcePath=%252fen-us%252farticle%252fredirect-windows-known-folders-to-onedrive-e1b3963c-7c6c-4694-9f2f-fb8005d9ef12




Question 8

Your network contains an Active Directory domain. The domain contains a user named User1. 
User1 creates a Microsoft account. 
User1 needs to sign in to cloud resources by using the Microsoft account without being prompted for credentials. 
Which settings should User1 configure?

  • A: User Accounts in Control Panel
  • B: Email & app accounts in the Settings app
  • C: Users in Computer Management
  • D: Users in Active Directory Users and Computers

Correct Answer: B

Open the Setting app, select Accounts then select Email and accounts. Here you can add accounts for the cloud resources and configure the login credentials for the accounts. If you configure the accounts with the login credentials of the Microsoft account, you won't be prompted for credentials when you open the apps. 
References:
https://support.microsoft.com/en-za/help/4028195/microsoft-account-how-to-sign-in




Question 9

You have an Azure Active Directory (Azure AD) tenant named contoso.com. You have a workgroup computer named Computer1 that runs Windows 10. 
You need to add Computer1 to contoso.com. 
What should you use? 

  • A: Computer Management
  • B: dsregcmd.exe
  • C: the Settings app
  • D: netdom.exe

Correct Answer: C

You join a computer to a domain, including an Azure AD domain in the Settings panel in Windows 10, under System->About 
References:
https://aadguide.azurewebsites.net/aadjoin/




Question 10

You have a computer that runs Windows 10. 
You need to configure a picture password. 
What should you do?

  • A: From Control Panel, configure the User Accounts settings.
  • B: From the Settings app, configure the Sign-in options.
  • C: From the Local Group Policy Editor, configure the Account Policies settings.
  • D: From Windows PowerShell, run the Set-LocalUser cmdlet and specify the InputObject parameter.

Correct Answer: B

Reference:
https://www.iolo.com/resources/articles/how-to-use-picture-passwords-in-windows-10/










CONNECT US

Facebook

Twitter

PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!



HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files