ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam 70-744 All Questions

View all questions & answers for the 70-744 exam
Go to Exam

Exam 70-744 topic 1 question 129 discussion

Actual exam question from Microsoft's 70-744
Question #: 129
Topic #: 1
[All 70-744 Questions]

You deploy the Host Guardian Service (HGS).
You have several Hyper-V that have older hardware and Trusted Platform Modules (TPMs) version 1.2.
You discover that the Hyper-V hosts cannot start shielded virtual machines.
You need to configure HGS to ensure that the older Hyper-V hosts can host shielded virtual machines.
What should you do?

  • A. Run the Set-HgsServer cmdlet and specify the ""TrustActiveDirectory parameter.
  • B. Run the Clear-HgsServer cmdlet and specify the ""Clustername parameter.
  • C. Run the Clear-HgsServer cmdlet and specify the ""Force parameter.
  • D. Run the Set-HgsServer cmdlet and specify the ""TrustTpm parameter.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
References:
https://blogs.technet.microsoft.com/datacentersecurity/2016/03/16/windows-server-2016-and-host-guardian-service-for-shielded-vms/ https://docs.microsoft.com/en-us/powershell/module/hgsserver/set-hgsserver?view=win10-ps
by Kamikazekiller at Aug. 9, 2020, 3:22 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
thattanguyz
Highly Voted 4 years, 8 months ago
Answer A is correct. https://docs.microsoft.com/en-us/archive/blogs/datacentersecurity/windows-server-2016-and-host-guardian-service-for-shielded-vms "The “TrustTpm” parameter specifies the Attestation service operation mode. For TPM-trusted fabrics, use “-TrustTpm”. If your host machines do not meet the hardware requirements for TPM attestation, you can configure HGS to use AD attestation with the “-TrustActiveDirectory” parameter."
upvoted 7 times
thissiteisgreat
4 years, 8 months ago
No, it should be Answer D ("Run the Set-HgsServer cmdlet and specify "TrustTpm" parameter") You should read what you quoted, it states use "-TrustTpm" if your host machines do not meet the hardware requirements for TPM attestation. TPM attestation requires TPM v2.0 (https://docs.microsoft.com/en-us/windows-hardware/design/minimum/minimum-hardware-requirements-overview#37-trusted-platform-module-tpm)
upvoted 1 times
morlu
4 years, 7 months ago
No, there's a period there. "For TPM-trusted fabrics, use “-TrustTpm”****.*** If your host machines do not meet the hardware requirements for TPM attestation, you can configure HGS to use AD attestation with the “-TrustActiveDirectory” parameter." A is correct.
upvoted 3 times
...
...
...
SamsOtro
Most Recent 4 years, 5 months ago
Going with Set-HgsServer cmdlet and specify the ""TrustActiveDirectory parameter. Should work with TPM 1.2 unless there is another issue, which is implied here.
upvoted 2 times
...
KidCastaldo
4 years, 7 months ago
I agree with "thattanguyz" and his website. "thissiteisgreat" might not understand punctuation and missed that there is a (.) in the sentence he misquoted.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago