Download Windows 10 Practice Questions with Solutions and more Exams Computer Science in PDF only on Docsity!
MD 100 Practice Questions with
Complete Solutions
Your company has an isolated network used for testing. The network contains 20 computers that run Windows 10. THe computers are in a workgroup. During testing, the computers must remain in the workgroup. You discover that none of the computers are activated.
You need to recommend a solution to activate the computers without connecting the network to the internet.
What should you include in the recommendation?
A. Volume Activation Management Tool (VAMT)
B. Key Management Service (KMS)
C. Active Directory-Based activation
D. The Get-WindowsDeveloperLicense cmdlet ✔✔A. Volume Activation Management Tool - It
allows for a proxy to reach out on behalf of all devices for activation.
(The answer is not KMS requires a minimum of 25 clients before it can be used for activation)
You plan to deploy Windows 10 to 100 secure computers. You need to select a version of Windows 10 that meets the following requirements:
-Uses Microsoft Edge as the default browser.
-Minimizes the attack surface on the computer.
-Supports joining Microsoft Azure Active Directory (Azure AD).
-Only allows the installation of applications from the Microsoft Store.
What is the best version too achieve the goal?
A. Windows 10 Pro in S Mode
B. Windows 10 Home in S Mode
C. Windows 10 Pro
D. Windows 10 Enterprise ✔✔A. Windows 10 Pro in S Mode - it supports Domain joining with
edge as the default browser.
(B. Windows 10 Home in S mode does NOT support Domain Join... C. Windows 10 Pro does NOT support Domain Join Either...)
You have a computer named Computer1 that runs Windows 7. Computer1 has a local user named User1 who has a customized profile. On Computer1, you perform a clean installation of Windows 10 without formatting the drives. You need to migrate the settings of User1 from Windows 7 to Windows 10.
Which two action should you perform?
- Run scanstate.exe specifying C:\Windows.old
- Run Loadstate.exe specifying C:\Users
- PSexec.exe -/Load
Your company uses Microsoft Deployment Toolkit (MDT) to deploy Windows 10 to new computers. The company purchases 1,000 new computers. You need to ensure that the Hyper-V feature is enabled on the computers during the deployment.
What are two possible ways to achieve the goal?
A. Add a task sequence step that adds a provisioning package.
B. In a Group Policy object (GPO), from Computer COnfiguration, configure Application Control Policies.
C. Add a custom command to the unattended.xml file.
D. Add a configuration setting to the Windows Deployment Services (WDS).
E. Add a task sequence step that runs DISM.exe. ✔✔NEED TO LOOK UP ITS QUESTION 8
Discussion BOARD PICTURE
Your network contains an Active Directory domain that is synced to a Microsoft Azure ACtive Directory (Azure AD) tenant. You company purchases a Microsoft 365 subscription. You need to migrate the Documents folder of users to Microsoft OneDrive for Business.
What should you Configure?
A. One Drive Group Policy Settings.
B. roaming user profiles.
C. Enterprise state Roaming.
D. Folder Redirection Group Policy Settings. ✔✔A. One Drive group Policy Settings.
You have a computer named Computer1 that runs Windows 10. The computer contains a folder that contains sensitive Data. YOu need to log which user reads the contents of the folder and modifies and deletes files in the folder.
Solution: From the properties of the folder, you configure the auditing settings and from Audi Policy in the local group Policy you configure Audit Object Access. Does this meet the goal?
A. Yes.
B. No. ✔✔A. Yes.
You have a computer named Computer1 that runs Windows 10. The computer contains a folder that contains sensitive Data. YOu need to log which user reads the contents of the folder and modifies and deletes files in the folder.
Solution: From the properties of the folder, you configure the Auditing settings and from the Audit Policy in the local Group Policy, you configure Audi directory service access. Does this meet the goal?
A. Yes.
B. No. ✔✔B. No. - Folders and Files are objects, not directory services.
Your network contains an Active Directory Domain. The Domain contains 1,000 computers that run Windows 10. You discover that when users are on their lock screen, they see a different background image every day, along with tips for using different features in Windows 10. You need to disable the tips and the daily background image for all the Windows 10 computers. Which Group Policy settings should you modify?
A. Turn off the Windows Welcome Experience.
B. Turn off Windows Spotlight on Settings.
C. Do not suggest third-party content in Windows Spotlight.
D. Turn off all Windows spotlight features. ✔✔D. Turn off all Windows Spotlight Features.
You have a file named Reg1.reg that contains the following content.
" Windows Registry Editor Version 5.
[HKEY_Classes_Root\Directory\Background\Shell\Notepad]
[HKEY_Classes_Root\Directory\Background\Shell\Notepad\command] @="notepad.exe" "
What is the effect of importing the file?
A. A key named command will be renamed as notepad.exe
B. In a key named Notepad, the command value will be set to @="notepad.exe"
C. In a key named command, the default value will be set to notepad.exe. ✔✔NEED TO LOOK
THIS UP. QUESTION 7.
You have a computer named Computer1 that runs Windows 10. On Computer1, you create the local users shown in the following table.
Name: Member Of:
User1. Users
User2. Users, Guests
User3. Power Users, Guest
User4. Guests, Users, Administrators
User5. Users, Distributed COM Users
Which three user profiles will persist after each user signs out?
A. User
B. User
C. User
D. User
E. User5 ✔✔A. User 1
D. User
D. Create a script that runs the New-MsoIUser cmdlet and the ADd- ADComputerServiceAccount cmdlet. ✔✔NEED TO LOOK UP, because can workgroups have
GPOs?
C. Create a Group Policy Object (GPO) that contains the Local User Group Policy preference.
-Group Policy "preferences" is client/local based. Group Policy "Preferences" are Domain Based....
You have several computers that run Windows 10. THe computers are in a workgroup and have BitLocker Drive Encryption enabled. You join the computers to Microsoft Azure AD. You need to ensure that you can recover the BitLocker recovery key for the computers from Azure AD. What Should you do first?
A. Disable BitLocker.
B. Add a BitLocker key protector.
C. Suspect BitLocker.
D. Disable the TPM chip. ✔✔B. Add a BitLocker key Protector.
You have several computers that run Windows 10. The Computers are in a workgroup and have BitLocker Drive Encryption enabled. You join the computers to Microsoft Azure AD. You need to ensure that you can recover the BitLocker recovery key for the computers from Azure AD. What should you do first?
A. Disable BitLocker.
B. Add a BitLocker Key Protector.
C. Suspend BitLocker.
D. Disable the TMP Chip. ✔✔B. Add a BitLocker Key Protector.
Your network contains an Active Directory Forest. The first contains a root domain named contest.com and a child domain named corp.contoso.com. You have a computer named Computer1 that runs Windows 10. Computer1 is joined to the corp.contoso.com domain. Computer1 contains a folder named Folder1. In the Security settings of Folder1, Everyone is assigned the Full control permissions. On Computer1, you share Folder1 as Share1 and assign the Read permissions for Share1 to the Users group. For each of the following statements, select yes if the statement is true. Otherwise select No.
- All local users on Computer1 have read access to \Computer1\Share1 - ______
- All users in the corp.contoso.com Domain have read access to \Computer1\Share1 - ______
- All the users in the contoso.com Domain have read access to \Computer1\Share1 - ______ ✔✔1. All local users on Computer1 have read access to \Computer1\Share1 - YES
- All users in the corp.contoso.com Domain have read access to \Computer1\Share1 - YES
- All the users in the contoso.com Domain have read access to \Computer1\Share1 - NO
You have a computer named Computer1 that runs Windows 10. You need to prevent standard users from changing the wireless network settings on Computer1. The solution must allow Administrators to modify the wireless network settings. What should you use?
A. Windows Configuration Designer.
B. MSConfig.
C. Local Group Policy Editor.
D. An MMC console that has the Group Policy Object Editor snap-in. ✔✔C. Local Group Policy Editor.
You have three computers that run Windows 10 as shown:
NAME. TPM VERSION. OS
Computer1. NONE. WIN10-Enterprise
Computer2. 2.0. WIN10-Pro
Computer3. 1.2. WIN10-Enterprise
All the computers have C and D volumes. The require additional authentication at startup Group Policy Setting is disabled on all the computers. Which volumes can you encrypt by using BitLocker Drive Encryption? ✔✔Because TPM is required for BitLocker:
Computer 2 & 3 for Drives C & D.
A user named User1 has a computer named Computer1 that runs Windows 10. Computer1 is joined to an AzureAD tenant named contoso.com. User1 joins Computer1 to contoso.com by using user1@contoso.com.Computer1 contains a folder named Folder1. Folder1 is in drive C and is shared as Share1. Share1 has the permissions :
Everyone = Full Control.
AzureAD\User1@contoso.com = Owner
A user named User2 has a computer named Computer2 that runs Windows 10. User2 joins Computer2 to contoso.com by using User2@contoso.com. User2 attempts to access Share1 and receives the following error message: "The username or password is incorrect.". You need to ensure that User2 can connect to Share1.
Possible Solution: In AzureAD, you create a group named Group1 that contains User1 and
User2. You grant Group1 Change access to Share1. Does this meet the goal? ✔✔NO - you
cannot create local file share permissions through Azure AD.
A user named User1 has a computer named Computer1 that runs Windows 10. Computer1 is joined to an AzureAD tenant named contoso.com. User1 joins Computer1 to contoso.com by using user1@contoso.com.Computer1 contains a folder named Folder1. Folder1 is in drive C and is shared as Share1. Share1 has the permissions :
Everyone = Full Control.
Possible Solution: In AzureAD, you create a group named Group1 that contains User1 and User2. You grant Group1 Modify access to Share1. Does this meet the goal? ✔✔Yes - LOOK it
up...
You have a computer named Computer1 that runs Windows 10. Computer1 contains a folder named Folder1. You need to log any users who take ownership of the files in Folder1. Which two actions should you perform?
A. Modify the folder attributes of Folder1.
B. Modify the advanced Security Settings for Folder1.
C. From a Group Policy Object (GPO), Configure the Audit Sensitive Privilege User Settings.
D. From a Group Policy Object (GPO), Configure the Audit File System Setting.
E. Install the Remote Server Administration Tools (RSAT). ✔✔B. Modify the advanced Security
Settings for Folder1.
C. From a Group Policy Object (GPO), Configure the Audit Sensitive Privilege User Settings.
You are a network administrator at your company. The Company uses an application that checks for network connectivity to a server by sending a ping request to the IPv6 address of the server replies, the application loads. A user cannot open the application. You manually send the ping request from the computer of the user and the server does not reply. You send the ping request
from your computer and the server replies. You need to ensure that the ping request works from the user's computer. Which Windows Defender Firewall rule is a possible cause of the issue?
A. File and Printer Sharing (NB-DATAGRAM-IN)
B. File and Printer Sharing (Echo Request ICMPv6-Out)
C. File and Printer Sharing (NB-Datagram-Out)
D. File and Printer Sharing (Echo Request ICMPv6-In) ✔✔D. File and Printer Sharing (Echo
Request ICMPv6-In)
Your network contains an Active Directory Domain. The domain contains computers that run Windows 10. You need to provide a user with the ability to remotely create and modify shares on the computers. The solution must use the principle of least privilege. To which group should you add the user?
A. Power Users.
B. Remote Management Users.
C. Administrators.
D. Network Configuration Operators. ✔✔C. Administrators - Although Power Users can manage
shares, they cannot do so remotely, so they would need to be ADMIN to do both.
You have a computer named Computer1 that runs Windows 10. Computer1 belongs to a workgroup. You run the following commands on Computer1.
C. The Settings App
D. A Group Policy Preference ✔✔B. The Local Group Policy
- Policy Enforces, Preference is a suggestion.
- It is joined to Azure AD but Intune MDM policy is not an option so that implies it is not set up on the Network so local group policy is the best answer.
You have a public computer named Computer1 that runs Windows10. Computer1 contains a folder named Folder1. You need to provide a user named User1 with the ability to modify the permissions of Folder1. The solution must use the principle of least privilege. Which NTFS permission should you assign to User1?
A. Full Control.
B. Modify.
C. Write.
D. Read & Execute. ✔✔A. Full Control.
- In order to change permissions of others, you need the "Full Control" user right. Modify does NOT allow permission level changes.
Your company has a wireless access pint that uses WPA2-Enterprise. You need to configure a computer to connect tot eh wireless access point. What should you do first?
A. Create a provisioning package in Windows Configuration Designer.
B. Request a pass phrase.
C. Request and install a certificate.
D. Create a connection Manager Administration Kit (CMAK) package. ✔✔B. Request a
Passphrase.
- First get the passphrase, second get the certificate.
A user named User1 has a computer named Computer1 that runs Windows10. Users1 connects to a Microsoft Azure virtual machine named VM1 by using Remote Desktop. User1 creates a VPN connection to a partner organization. When the VPN connection is stabled, User1 cannot connect to VM1. When User1 disconnects from the VPN, the user can connect to VM1. You need to ensure that User1 can connect to VM1 while connected to the VPN. What should you do?
A. From the proxy Settings, Add the IP address to VM1 to the bypass list to bypass the proxy.
B. From the properties of VPN1, clear the Use Default gateway on Remote network check box.
C. From the properties of the Remote Desktop connection to VM1, specify a Remote Desktop Gateway (RD Gateway).
D. From the properties of VPN1, configure a static default gateway address. ✔✔B. From the
Properties of VPN1, clear the Use default gateway on remote network check box.
