70-742 試験問題を無料オンラインアクセス

Your network contains an Active Directory domain.
You have a user account that is a member of the Domain Admins group.
You have 100 laptops that have a standard corporate image installed. The laptops are in workgroups and have random names.
A technician named Tech1 is assigned the task of joining the laptops to the domain. The computer accounts of each laptop must be in an organizational unit (OU) that is associated to the department of the user who will use the laptop. The laptop names must start with four characters indicating the department, followed by a fourdigit number.
Tech1 is a member of the Domain Users group only. Tech1 has the administrator logon credentials for all the laptops.
You need Tech1 to join the laptops to the domain. The solution must ensure that the laptops are named correctly, and the computer accounts of the laptops are in the correct OUs.
Solution: You pre-create the computer account of each laptop in Active Directory Users and Computers.
You instruct Tech1 to sign in to each laptop, to rename each laptop, and then to join each laptop to the domain by using System in Control Panel.
Does this meet the goal?

• A.No
• B.Yes

Your network contains an Active Directory forest named contoso.com
Your company plans to hire 500 temporary employees for a project that will last 90 days.
You create a new user account for each employee. An organizational unit (OU) named Temp contains the user accounts for the employees.
You need to prevent the new users from accessing any of the resources in the domain after 90 days.
What should you do?

• A.Create a Group Policy object (GPO) and link the GPO to the Temp OU. Modify the Password Policy settings of the GPO.
• B.Run the Get-ADUser cmdlet and pipe the output to the Set-ADUser cmdlet.
• C.Run the GET-ADOrganizationalUnit cmdlet and pipe the output to the Set-Date cmdlet.
• D.Create a group that contains all of the users in the Temp OU. Create a Password Setting object (PSO) for the new group.

You deploy a new certification authority (CA) to a server that runs Windows Server 2016.
You need to configure the CA to support recovery of certificates.
What should you do first?

• A.Assign the Request Certificates permission to the user account that will be responsible for recovering certificates.
• B.Modify the Recovery Agents settings from the properties of the CA.
• C.Configure the Key Recovery Agent template as a certificate template to issue.
• D.Modify the extensions of the OCSP Response Signing template

Your network contains an Active Directory domain named contoso.com.
You deploy a standalone root certification authority (CA) named CA1.
You need to auto enroll domain computers for certificates by using a custom certificate template.
What should you do first?

• A.Install a standalone subordinate CA.
• B.Modify the Policy Module for CA1.
• C.Install an enterprise subordinate CA.
• D.Modify the Exit Module for CA1.

You have a standalone root certification authority (CA).
You have a new security policy requirement specifying that any changes to the CA configuration must be logged.
You need to ensure that the CA meets the new security requirement.
Which two actions should you perform? Each correct answer presents part of the solution.

• A.From the Certification Authority console, modify the Certificate Managers settings for the CA.
• B.From the Certification Authority console, modify the Security settings for the CA.
• C.From Local Group Policy Editor, configure auditing for policy change.
• D.From Local Group Policy Editor, configure auditing for object access.
• E.From the Certification Authority console, modify the Auditing settings for the CA.