Microsoft 070-744 Actual Free Exam Questions & Community Discussion

  • Exam Code/Number: 070-744
  • Exam Name/Title: Securing Windows Server 2016
  • Certification Provider: Microsoft
  • Corresponding Certification: MCSA: Windows Server 2016
  • Exam Questions: 245
  • Updated On: Jul 17, 2026
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You deploy Windows Server 2016 to a server named Server1.
You need to ensure that you can run Windows Containers on Server1.
Solution: On server1, you install the DockerMsftProvider PowerShell and the Docker package. You restart the server.
Does this meet the goal?
Correct Answer: A Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Server1 that runs Windows Server 2016.
You need to prevent NTLM authentication on Server1.
Solution: From a Group Policy, you configure the Security Options.
Does this meet the goal?
Correct Answer: A Vote an answer
Your network contains an Active Directory domain named contoso.com. The domain contains several Hyper-V hosts.
You deploy a server named Server22 to a workgroup. Server22 runs Windows Server 2016.
You need to configure Server22 as the primary Host Guardian Service server.
Which three cmdlets should you run in sequence?
Correct Answer: C,D,E Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
Your network contains an Active Directory domain named contoso.com.
You are deploying Microsoft Advanced Threat Analytics (ATA).
You create a user named User1.
You need to configure the user account of User1 as a Honeytoken account.
Which information must you use to configure the Honeytoken account?
Correct Answer: C Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that has Microsoft Security Compliance Manager (SCM) 4.0 installed. The domain contains domain controllers that run Windows Server 2016.
A Group Policy object (GPO) named GPO1 is applied to all of the domain controllers.
GPO1 has a Globally Unique Identifier (GUID) of 7ABCDEFG-1234-5678-90AB-005056123456.
You need to create a new baseline that contains the settings from GPO1. What should you do first?
Correct Answer: C Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
Your network contains an Active Directory domain named contoso.com. The domain contains four servers.
The servers are configured as shown in the following table.

You need to manage FS1 and FS2 by using Just Enough Administration (JEA).
What should you do before you can implement JEA?
Correct Answer: C Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this sections, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2016.
You need to prevent NTLM authentication on Server1.
Solution: From a Group Policy, you configure the Kerberos Policy.
Does this meet the goal?
Correct Answer: B Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
Your network contains an Active Directory domain. All the computers in the domain are configured for the Local Administrator Password Solution (LAPS). The Group Policy object (GPO) settings for LAPS are configured as shown in the exhibit. (Click the

You provide a technician with the local administrator password for a computer named Computer1.
What is the maximum amount of time the password will be valid?
Correct Answer: C Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
Your network contains an Active Directory domain named contoso.com. The domain contains an organizational unit (OU) named OU1.
OU1 contains a server named Server1. The properties of Server1 are shown in the Server1 exhibit. (Click the Server1 tab.)

You create a Group Policy object (GPO) linked to OU1. You configure the GPO as shown in the LAPS exhibit. (Click the LAPS tab.)

You need to ensure that the password of the local Administrator of Server1 is managed by using Local Administrator Password Solution (LAPS).
Which cmdlet should you run?
Correct Answer: B Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
You have a Hyper-V host named Server1 that runs Windows Server 2016.
Server1 hosts the virtual machines configured as shown in the following table.

All the virtual machines have two volumes named C and D.
You plan to implement BitLocker Drive Encryption (BitLocker) on the virtual machines.
Which virtual machines can have their volumes protected by using BitLocker? Choose Two.
Correct Answer: A,J Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. You implement the Local Administrator Password Solution (LAPS) in the domain. You enable auditing for LAPS. You need to identify any users who read the password for Server1. Which log should you review?
Correct Answer: A Vote an answer
You have a virtual machine named FS1 that runs Windows Server 2016.
FS1 has the shared folders shown in the following table.

You need to ensure that each user can store 10 GB of files in \\FS1\Users.
What should you do?
Correct Answer: C Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
Your network contains an Active Directory domain named contoso.com.
You implement Local Administrator Password Solution (LAPS) on a member sever named Server1.
You need to retrieve the password of the local Administrator of Server1.
What should you do?
Correct Answer: A Vote an answer
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2. The domain has Dynamic Access Control enabled.
Server1 contains a folder named C:\Folder1. Folder1 is shared as Share1.
You need to audit all access to the contents of Folder1 from Server2. The solution must minimize the number of event log entries.
Which two audit policies should you enable on Server1? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
Correct Answer: C,D Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
0
0
0
10