Microsoft 70-680 Free Practice Questions

Answer: D 

Explanation: 

Secure Socket Tunneling Protocol Secure Socket Tunneling Protocol (SSTP) is a new form of VPN tunnel with features that allow traffic to pass through firewalls that block PPTP and L2TP/IPsec traffic. SSTP provides a mechanism to encapsulate PPP traffic over the SSL channel of the HTTPS protocol. The use of PPP allows support for strong authentication methods such as EAP-TLS. The use of HTTPS means traffic will flow through TCP port 443, a port commonly used for Web access. Secure Sockets Layer (SSL) provides transport-level security with enhanced key negotiation, encryption, and integrity checking. 

Answer:  

Answer: A 

Explanation: 

Reset Internet Explorer settings By resetting Internet Explorer settings, you return Internet Explorer to the state it was in when it was first installed on your computer. This is useful for troubleshooting problems that might be caused by settings that were changed after installation. When you delete personal settings, some webpages that rely on previously stored cookies, form data, passwords, or previously installed browser add-ons might not work correctly. Resetting Internet Explorer to its default settings does not delete your favorites, feeds, Web Slices, and a few other personalized settings. See the table below for a complete list of all settings and information about whether they are reset or maintained. Resetting Internet Explorer's settings is not reversible. After a reset, all previous settings are lost and cannot be recovered. Rather than resetting everything, you might want to reset specific settings or delete your webpage history. For more information, see the links at the bottom of this topic. 

To reset Internet Explorer settings 

1. Close any Internet Explorer or Windows Explorer windows that are currently open. 

2. Click to open Internet Explorer. 

3. Click the Tools button, and then click Internet Options. 

4. Click the Advanced tab, and then click Reset. 

5. Select the Delete personal settings check box if you would like to remove browsing history, search providers, Accelerators, home pages, and InPrivate Filtering data. 

6. In the Reset Internet Explorer Settings dialog box, click Reset. 

7. When Internet Explorer finishes restoring the settings, click Close, and then click OK. 

8. Close Internet Explorer. 

Your changes will take effect the next time you open Internet Explorer. 

Answer: B 

Explanation: 

Use Windows Update to Check for Updates to other Microsoft Products By default, Windows Update can download and install updates for Windows 7 and features that are part of the operating system (such as Internet Explorer). You can also merge the functionality of Microsoft Update—a service for managing updates to Microsoft Office and several other Microsoft products—into Windows Update so that you no longer need to visit Office Online to get updates.If you do not already have Windows Update integrated with Microsoft Update, you will see the message "Get updates for other Microsoft products" on the Windows Update home page. To enable checking for other products, click the Find Out More option shown beside this message. This will take you to the Microsoft Update site for some quick installation steps. You only need to do this once. Thereafter, the Windows Update home page will indicate that you receive updates "For Windows and other products from Microsoft Update." 

Answer: A 

Explanation: 

ReadyBoostWindows 7 supports Windows ReadyBoost. This feature uses external USB flash drives as a hard disk cache to improve disk read performance. Supported external storage types include USB thumb drives, SD cards, and CF cards. Since ReadyBoost will not provide a performance gain when the primary disk is an SSD, Windows 7 disables ReadyBoost when reading from an SSD drive. External storage must meet the following requirements: 

-Capacity of at least 256 MB, with at least 64 kilobytes (KB) of free space.The 4-GB limit of Windows Vista has been removed. 

-At least a 2.5 MB/sec throughput for 4-KB random reads 

-At least a 1.75 MB/sec throughput for 1-MB random writes 

Answer: A 

Explanation: 

Shadow info: 

Shadow copies are automatically saved as part of a restore point. If system protection is enabled, Windows 7 automatically creates shadow copies of files that have been modified since the last restore point was created. By default, new restore points are created every seven days or whenever a significant system change (such as a driver or application installation) occurs. 

NOT Disk Quota:Does not directly affect size of System Restore Points. 

Answer: D 

Explanation: 

MigApp.xml This file contains rules about migrating application settings. These include Accessibility settings, dial-up connections, favorites, folder options, fonts, group membership, Open Database Connectivity (ODBC) settings, Microsoft Office Outlook Express mailbox files, mouse and keyboard settings, phone and modem options, Remote Access Service (RAS) connection phone book files, regional options, remote access, screensaver settings, taskbar settings, and wallpaper settings.(Include) /i:[Path\]FileName Specifies an .xml file that contains rules that define what user, application or system state to migrate. You can specify this option multiple times to include all of your .xml files (MigApp.xml, MigUser.xml and any custom .xml files that you create). Path can be either a relative or full path. If you do not specify the Path variable, then FileName must be located in the current directory.NOT MigUser.xmlMigUser.xml This file contains rules about user profiles and user data. The default settings for this file migrate all data in My Documents, My Video, My Music, My Pictures, desktop files, Start Menu, Quick Launch settings, favorites, Shared Documents, Shared Video, Shared Music, Shared desktop files, Shared Pictures, Shared Start menu, and Shared Favorites. This file also contains rules that ensure that all the following file types are migrated from fixed volumes: .qdf, .qsd, .qel, .qph, .doc, .dot, .rtf, .mcw, .wps, .scd, .wri, .wpd, .xl*, .csv, .iqy, . dqy, .oqy, .rqy, .wk*, .wq1, .slk, .dif, .ppt*, .pps*, .pot*, .sh3, .ch3, .pre, .ppa, .txt, .pst, .one*, .mpp, .vsd, .vl*, .or6, .accdb, .mdb, .pub, .xla, .xlb and .xls. The asterisk ( *) represents zero or more characters. 

Answer: C 

Explanation: Ref: http://technet.microsoft.com/en-us/library/cc732509(v=WS.10).aspx 

Answer: C 

Answer: E 

Explanation: BitLocker supports multifactor authentication for operating system drives. If you enable BitLocker on a computer that has a TPM version 1.2, you can use additional forms of authentication with the TPM protection. BitLocker offers the option to lock the normal boot process until the user supplies a personal identification number (PIN) or inserts a USB device (such as a flash drive) that contains a BitLocker startup key, or both the PIN and the USB device can be required. These additional security measures provide multifactor authentication and help ensure that the computer will not start or resume from hibernation until the correct authentication method is presented. 

Answer: A,E,G 

Answer: C 

Explanation: 

To find out whether you're working offline: Offline files turn on automatically if you lose your network connection. A copy of your file is copied to your computer, and once your network connection is re-established, the two copies will be synchronized. To find out if you're working offline, do the following. 

1. Open the network folder that contains the file you are working on. 

2. Check the Details pane at the bottom of the window for the status. If the status is offline, you are working with a copy of the file on your computer. If the status in online, you are working with the file on the network. 

Answer: B 

Answer: B 

Explanation: 

AppLocker Application Control Policies AppLocker is a feature new to Windows 7 that is available only in the Enterprise and Ultimate editions of the product. AppLocker policies are conceptually similar to Software Restriction Policies, though AppLocker policies have several advantages, such as the ability to be applied to specific user or group accounts and the ability to apply to all future versions of a product. As you learned earlier in this chapter, hash rules apply only to a specific version of an application and must be recalculated whenever you apply software updates to that application. AppLocker policies are located in the Computer Configuration\Windows Settings\ Security Settings \Application Control Policies node of a standard Windows 7 or Windows Server 2008 R2 GPO. AppLocker relies upon the Application Identity Service being active. When you install Windows 7, the startup type of this service is set to Manual. When testing AppLocker, you should keep the startup type as Manual in case you configure rules incorrectly. In that event, you can just reboot the computer and the AppLocker rules will no longer be in effect. Only when you are sure that your policies are applied correctly should you set the startup type of the Application Identity Service to Automatic. You should take great care in testing AppLocker rules because it is possible to lock down a computer running Windows 7 to such an extent that the computer becomes unusable. AppLocker policies are sometimes called application control policies. AppLocker Application Control Policies - Publisher Rules Publisher rules in AppLocker work on the basis of the code-signing certificate used by the file's publisher. Unlike a Software Restriction Policy certificate rule, it is not necessary to obtain a certificate to use a publisher rule because the details of the digital signature are extracted from a reference application file. If a file has no digital signature, you cannot restrict or allow it using AppLocker publisher rules. Publisher rules allow you more flexibility than hash rules because you can specify not only a specific version of a file but also all future versions of that file. This means that you do not have to re-create publisher rules each time you apply a software update because the existing rule remains valid. You can also allow only a specific version of a file by setting the Exactly option.AppLocker Application Control Policies - Path RulesAppLocker path rules work in a similar way to Software Restriction Policy path rules. Path rules let you specify a folder, in which case the path rule applies to the entire contents of the folder, including subfolders, and the path to a specific file. The advantage of path rules is that they are easy to create. The disadvantage of path rules is that they are the least secure form of AppLocker rules. An attacker can subvert a path rule if they copy an executable file into a folder covered by a path rule or overwrite a file that is specified by a path rule. Path rules are only as effective as the file and folder permissions applied on the computer. 

Software Restriction Policies Software Restriction Policies is a technology available to clients running Windows 7 that is available in Windows XP, Windows Vista, Windows Server 2003, and Windows Server 2008. You manage Software Restriction Policies through Group Policy. You can find Software Restriction Policies in the Computer Configuration \Windows Settings\Security Settings\Software Restriction Policies node of a group policy. When you use Software Restriction Policies, you use the Unrestricted setting to allow an application to execute and the Disallowed setting to block an application from executing. You can achieve many of the same application restriction objectives with Software Restriction Policies that you can with AppLocker policies. The advantage of Software Restriction Policies over AppLocker policies is that Software Restriction Policies can apply to computers running Windows XP and Windows Vista, as well as to computers running Windows 7 editions that do not support AppLocker. The disadvantage of Software Restriction Policies is that all rules must be created manually because there are no built-in wizards to simplify the process of rule creation.Software Restriction Policies - Path Rules Path rules, allow you to specify a file, folder, or registry key as the target of a Software Restriction Policy. The more specific a path rule is, the higher its precedence. For example, if you have a path rule that sets the file C: \Program files\Application\App.exe to Unrestricted and one that sets the folder C:\Program files\Application to Disallowed, the more specific rule takes precedence and the application can execute. Wildcards can be used in path rules, so it is possible to have a path rule that specifies C:\Program files\Application\*.exe. Wildcard rules are less specific than rules that use a file's full path. The drawback of path rules is that they rely on files and folders remaining in place. For example, if you created a path rule to block the application C:\Apps\Filesharing.exe, an attacker could execute the same application by moving it to another directory or renaming it something other than Filesharing.exe. Path rules work only when the file and folder permissions of the underlying operating system do not allow files to be moved and renamed. Software Restriction Policies - Certificate Rules Certificate rules use a code-signed software publisher's certificate to identify applications signed by that publisher. Certificate rules allow multiple applications to be the target of a single rule that is as secure as a hash rule. It is not necessary to modify a certificate rule in the event that a software update is released by the vendor because the updated application will still be signed using the vendor's signing certificate. To configure a certificate rule, you need to obtain a certificate from the vendor. Certificate rules impose a performance burden on computers on which they are applied because the certificate's validity must be checked before the application can execute. Another disadvantage of certificate rules is that they apply to all applications from a vendor. If you want to allow only 1 application from a vendor to execute but the vendor has 20 applications available, you are better off using a different type of Software Restriction Policy because otherwise users can execute any of those other 20 applications. 

Answer: D