ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam 70-744 All Questions

View all questions & answers for the 70-744 exam
Go to Exam

Exam 70-744 topic 1 question 159 discussion

Actual exam question from Microsoft's 70-744
Question #: 159
Topic #: 1
[All 70-744 Questions]

HOTSPOT -
You have a client computer named Computer1 that runs Windows 10 Enterprise.
You plan to implement Windows Defender Device Guard.
You enable Device Guard on Computer1, and you create a code integrity policy.
You need to audit the code integrity policy.
What should you do? To answer select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:
References:
https://blogs.technet.microsoft.com/ukplatforms/2017/04/04/getting-started-with-windows-10-device-guard-part-1-of-2/#audit-policies
by Ario at April 15, 2020, 6:45 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Yebubbleman
4 years, 5 months ago
You need to audit the policy, not put the policy into audit mode. The difference there is key. To put the policy into audit mode, you need it as an xml. To audit the file, you need to load it and then go to the event viewer logs (as specified in that portion of the given answer). C:\Windows\System32\CodeIntegrity\SIPolicy.p7b is correct. The given answer for the log locations is also correct.
upvoted 1 times
...
SamsOtro
4 years, 6 months ago
First answer should be: SIPolicy.p7b Second answer is correct
upvoted 4 times
northgaterebel
4 years, 6 months ago
Agreed. The link only ever shows copying SIPolicy.p7b to C:\Windows\System32\CodeIntegrity folder. The XML files can be located anywhere.
upvoted 2 times
...
...
KidCastaldo
4 years, 8 months ago
But the answer hotspot specifically states what file do you copy to: "C:\Windows\System32\CodeIntegrity" which is the "SIPolicy.p7b", the XML can go anywhere for the audit.
upvoted 4 times
...
morlu
4 years, 8 months ago
First answer is incorrect. The question states that the policy is already created, so the file that must be copied is the p7b as the question asks file that you must copy TO the CodeIntegrity folder. p7b must be placed there to begin auditing CIP, but it must first have been created with an XML file which is implied by the question.
upvoted 4 times
...
DES123
4 years, 11 months ago
You need to the XML file to audit the CIP, so answer is correct
upvoted 3 times
...
Ario
5 years, 2 months ago
The default directory path and filename of a code integrity policy is C:\Windows\System32\CodeIntegrity\SIPolicy.p7b
upvoted 2 times
simcauley
5 years ago
It is as you say but I believe to audit the policy we must use the xml which would make the answer correct.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel