Your network contains an Active Directory domain named adatum.com. The domain contains a file server named Server1 that runs Windows Server 2016.
You have an organizational unit (OU) named OU1 that contains Server1.
You create a Group Policy object (GPO) named GPO1 and link GPO1 to OU1.
A user named User1 is a member of group named Group1. The properties of User1 are shown in the User1 exhibit (Click the Exhibit button.)

User1 has permissions to two files on Server1 configured as shown in the following table.

From Auditing Entry for Global File SACL, you configure the advanced audit policy settings in GPO1 as shown in the SACL exhibit (Click the Exhibit button.)

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Correct Answer:

Explanation
From File Explorer, when User1 double-clicks File1.doc. an event will be logged: Yes From File Explorer, when User1 double-clicks File2.doc. an event will be logged: No From Microsoft Word, when User1 attempts to save changes to File1.doc, an event will be logged: No From the SACL, only Successful operations by User1 will be logged "Type: Success".

Comment: *

Name: *

Email: *

Verification: *

Your network contains an Active Directory domain named contoso.com. The domain contains 100 servers.
You deploy the Local Administrator Password Solution (LAPS) to the network
You need to view the password of the local administrator of a server named Server5.
Which tool should you use?

• A.Active Directory Users and Computers
• B.Computer Management
• C.Accounts from the Settings app
• D.Server Manager

Comment: *

Name: *

Email: *

Verification: *

Your network contains an Active Directory domain named adatum.com.
You have a backup of a Group Policy object (GPO) named GPO1 that has the following settings:
* Change the system time: User1
* Minimum password length: 12 characters
* Password must meet complexity requirements: Disabled
You have a backup of a GPO named GPO2 that has the following settings:
* Change the system time: User2
* Minimum password length: 7 characters
* Password must meet complexity requirements: Not Defined
You create a GPO named GP03 that has the following settings:
* Change the system time: User3
* Minimum password length: 9 characters
* Password must meet complexity requirements: Enabled
You import the GPO1 settings into GP03, and then you import the GPO2 settings into GPO3. You need to identify the GPO3 settings after the imports.
What should you identity? To answer. select the appropriate options of the answer area.
NOTE: Each correct selection is worth one point.

Correct Answer:

Explanation

References:
https://searchwindowsserver.techtarget.com/feature/Group-Policy-Management-Console

Comment: *

Name: *

Email: *

Verification: *

You have a Hyper-V host named Server1 that runs Windows Server 2016. A new security policy states that all the virtual machines must be encrypted.
Server1 hosts the virtual machines configured as shown in the following table.

An administrator runs the following commands.
Get -VM | Stop-VM
Get -VM | Update-VMVersion
Get -VM | Start-VM
For each of the following statements, Select Yes, if the statement is true. Otherwise Select No.

Correct Answer:

Explanation
You can configure VM1 as an encryption-supported virtual machine: Yes
You can configure VM2 as an encryption-supported virtual machine: Yes
You can configure VM3 as an encryption-supported virtual machine: Yes
After the "Update-VMVersion" is executed against all three virtual machines, they become:-VM1 Generation
2 Version 8VM2 Generation 1 Version 8VM3 Generation 2 Version 8Pay attention to VM2, and the question has not mention to use TPM protector. You can configure this VM asEncryption Supported by using a Key Storage Driveadded to the virtual machine setting.

Within the guest, there is no Virtual TPM

Then , start Encrypt the C system drive with the guest 2012R2 bitlocker feature

After the encryption is completed:-

Comment: *

Name: *

Email: *

Verification: *

You have a Hyper-V host named Server1 that runs Windows Server 2016.
Server1 hosts the virtual machines configured as shown in the following table.

All the virtual machines have two volumes named C and
D. You plan to implement BitLocker Drive Encryption (BitLocker) on the virtual machines. Which virtual machines can have their volumes protected by using BitLocker? Choose Two.

• A.Virtual machines that can have volume C protected by using BitLocker and a Trusted Platform Module (TPM) protector: VM3 only
• B.Virtual machines that can have volume C protected by using BitLocker and a Trusted Platform Module (TPM) protector: VM1 and VM3 only
• C.Virtual machines that can have volume C protected by using BitLocker and a Trusted Platform Module (TPM) protector: VM2 and VM3 only
• D.Virtual machines that can have volume C protected by using BitLocker and a Trusted Platform Module (TPM) protector: VM2 and VM4 only
• E.Virtual machines that can have volume C protected by using BitLocker and a Trusted Platform Module (TPM) protector: VM2, VM3 and VM4 only
• F.Virtual machines that can have volume C protected by using BitLocker and a Trusted Platform Module (TPM) protector: VM1, VM2, VM3 and VM4
• G.Virtual machines that can have volume D protected by using BitLocker: VM3 only
• H.Virtual machines that can have volume D protected by using BitLocker: VM1 and VM3 only
• I.Virtual machines that can have volume D protected by using BitLocker: VM2 and VM3 only
• J.Virtual machines that can have volume D protected by using BitLocker: VM2 and VM4 only
• K.Virtual machines that can have volume D protected by using BitLocker: VM2, VM3 and VM4 only
• L.Virtual machines that can have volume D protected by using BitLocker: VM1, VM2, VM3 and VM4

Correct Answer: A,G

https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/deploy/upgrade-virtual-machine-versionin-hyper-v-on-windows-or-windows-server To use Virtual TPM protector for encrypting C: drive, you have to use at least VM Configuration Version 7.0 and Generation 2 Virtual machines.


https://www.howtogeek.com/howto/6229/how-to-use-bitlocker-on-drives-without-tpm/ If you don't use TPM for protecting a drive, there is no such Virtual TPM or VM Generation, or VM Configuration version requirement, you can even use Bitlocker without TPM Protector with earlier versions of Windows.

Comment: *

Name: *

Email: *

Verification: *