网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
多选题
You need to design desktop and security settings for the client computers in the Seattle call center. Your solution must be implemented by using the minimum amount of administrative effort.Which two actions should you perform?()
A
On each client computer in the call center, configure a local policy that lists only authorized programs in the Allowed Windows Programs list
B
Using NTFS permissions, assign the Deny – Read permission for all unauthorized executable files to the client computer domain accounts
C
Design a Group Policy object (GPO) that enforces a software restriction policy on all client computers in the call center
D
Design a Group Policy object (GPO) that implements an IPSec policy on all client computers in the call center. Ensure that the IPSec policy rejects connections to any Web servers that the company does not operate
参考答案
参考解析
解析:
暂无解析
更多 “多选题You need to design desktop and security settings for the client computers in the Seattle call center. Your solution must be implemented by using the minimum amount of administrative effort.Which two actions should you perform?()AOn each client computer in the call center, configure a local policy that lists only authorized programs in the Allowed Windows Programs listBUsing NTFS permissions, assign the Deny – Read permission for all unauthorized executable files to the client computer domain accountsCDesign a Group Policy object (GPO) that enforces a software restriction policy on all client computers in the call centerDDesign a Group Policy object (GPO) that implements an IPSec policy on all client computers in the call center. Ensure that the IPSec policy rejects connections to any Web servers that the company does not operate” 相关考题
考题
Your network contains a server that has the SNMP Service installed.You need to configure the SNMP security settings on the server.Which tool should you use?()
A.Local Security PolicyB.ScwC.SeceditD.Services console
考题
You are the administrator responsible for security and user desktop settings on your network. You need to configure a custom registry entry for all users. You want to add the custom registry entry into a Group Policy object (GPO) with the least amount of administrative effort.What should you do?A.Configure an ADM template and add the template to the GPO.B.Configure an INF policy and add the policy to the GPO.C.Configure a Microsoft Windows installer package and add the package to the GPO.D.Configure RIS to include the registry entry.
考题
You have a computer that runs Windows Vista.You need to restore the default Windows Internet Explorer settings for the internal network. You want to maintain the current settings for the Internet.What should you do on the Internet Explorer Security tab?()A.AB.BC.CD.D
考题
You need to design a method to standardize and deploy a baseline security configuration for servers. You solution must meet business requirements. What should you do?()A、Create a script that installs the Hisecdc.inf security templateB、Use a GPO to distribute and apply the Hisec.inf security templateC、Use the System Policy Editor to configure each server’s security settingsD、Use a GPO to distribute and apply a custom security template
考题
You need to design desktop and security settings for the client computers in the Seattle call center. Your solution must be implemented by using the minimum amount of administrative effort.Which two actions should you perform?()A、On each client computer in the call center, configure a local policy that lists only authorized programs in the Allowed Windows Programs listB、Using NTFS permissions, assign the Deny – Read permission for all unauthorized executable files to the client computer domain accountsC、Design a Group Policy object (GPO) that enforces a software restriction policy on all client computers in the call centerD、Design a Group Policy object (GPO) that implements an IPSec policy on all client computers in the call center. Ensure that the IPSec policy rejects connections to any Web servers that the company does not operate
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. The network contains 50 application servers that run Windows Server 2003. The security configuration of the application servers is not uniform. The application servers were deployed by local administrators who configured the settings for each of the application servers differently based on their knowledge and skills. The application servers are configured with different authentication methods, audit settings, and account policy settings. The security team recently completed a new network security design. The design includes a baseline configuration for security settings on all servers. The baseline security settings use the Hisecws.inf predefined security template. The design also requires modified settings for servers in an application role. These settings include system service startup requirements, renaming the administrator account, and more stringent account lockout policies. The security team created a security template named Application.inf that contains the modified settings. You need to plan the deployment of the new security design. You need to ensure that all security settings for the application servers are standardized, and that after the deployment, the security settings on all application servers meet the design requirements. What should you do? ()A、 Apply the Setup security.inf template first, the Hisecws.inf template next, and then the Application.inf template.B、 Apply the Application.inf template and then the Hisecws.inf template.C、 Apply the Application.inf template first, the Setup security.inf template next, and then the Hisecws.inf template.D、 Apply the Setup security.inf template and then the Application.inf template.
考题
You are the desktop administrator for your company. The company's network contains 500 Windows XP Professional computers. The information security department releases a new security template named NewSec.inf. You import NewSec.inf into a security database named NewSec.sdb. You analyze the result, and you review the changes that the template makes. You examine the security policies that are defined in NewSec.inf. You discover that the settings in NewSec.inf have not been implemented on your computer. You need to ensure that the settings in NewSec.inf overwrite the settings in your computer's local security policy. What are two possible ways to achieve this goal?()A、Run the Secedit /configure /db C:/NewSec.sdb command.B、Run the Secedit /refreshpolicy machine_policy command.C、Copy NewSec.inf to the C:/Windows/Inf folder. D、Copy NewSec.sdb to the C:/Windows/System32/Microsoft/Protect folder. E、Use the Security Configuration and Analysis console to open NewSec.sdb and then to perform a Configure operation. F、Use the Security Configuration and Analysis console to export NewSec.sdb to the Defltwk.inf security template.
考题
You need to design a method to implement account policies that meets the requirements in the written security policy. What should you do?()A、Create a GPO and link it to the New York OU, to the Denver OU, and to the Dallas OU.Configure the GPO with the required account policy settingsB、On all computers in the domain, configure the Local Security Policy7 with the required account policy settingsC、Configure the Default Domain Policy GPO with the required account policy settingsD、Configure the Default Domain Controllers Policy GPO with the required account policy settings
考题
You need to recommend a Group Policy strategy for the Remote Desktop servers. What should you include in the recommendation?()A、block inheritanceB、loopback processingC、security filteringD、WMI filtering
考题
You need to recommend a solution for configuring the Automatic Updates settings on the VMs. What should you include in the recommendation?()A、block inheritanceB、loopback processingC、security filteringD、WMI filtering
考题
You need to design a remote administration solution for servers on the internal network. Your solution must meet business and security requirements. What should you do?()A、Permit administrators to use an HTTP interface to manage servers remotelyB、Permit only administrators to connect to the servers’ Telnet serviceC、Permit administrators to manage the servers by using Microsoft NetMeetingD、Require administrators to use Remote Desktop for Administration connections to manage the servers
考题
You have a server that runs Windows Server 2003 Service Pack 2 (SP2).You need to compare the current security settings of the server to a security template. Which tool should you use?()A、Security Templates snap-in B、Group Policy Management Console C、Security Configuration and Analysis snap-in D、Microsoft Baseline Security Analyzer (MBSA)
考题
You are the network administrator in the New York office of TestKing. The company network consists of a single Active Directory domain The New York office currently contains one Windows Server 2003 file server named TestKingA. All file servers in the New York office are in an organizational unit (OU) named New York Servers. You have been assigned the Allow - Change permission for a Group Policy object (GPO) named NYServersGPO, which is linked to the New York Servers OU. The written company security policy states that all new servers must be configured with specified predefined security settings when the servers join the domain. These settings differ slightly for the various company offices. You plan to install Windows Sever 2003, on 15 new computers, which all functions as file servers. You will need to configure the specified security settings on the new file servers. TestKingA currently has the specified security settings configured in its local security policy. You need to ensure that the security configuration of the new file servers is identical to that of TestKingA. You export a copy of TestKingA's local security policy settings to a template file. You need to configure the security settings of the new servers, and you want to use the minimum amount of administrative effort. What should you do?()A、Use the Security Configuration and Analysis tool on one of the new servers to import the template file.B、Use the default Domain Security Policy console on one of the new servers to import the template file.C、Use the Group Policy Editor console to open NYServersGPO and import the template file.D、Use the default Local Security Policy console on one of the new servers to import the template file.
考题
You need to design an access control and permission strategy for user objects in Active Directory.What should you do?()A、Make the members of the AdvancedSupport security group members of the Domain Admins security groupB、Give each desktop support technician permission to reset passwords for the top-level OU that contains user accounts at their own locationC、Delegate full control over all OUs that contain user accounts to all AllSupport security groupD、Change the permissions on the domain object and its child objects so that the BasicSupport security group is denied permissions. Then, add a permission to each OU that contains user accounts that allows AllSupport security group members to reset passwords in that OU
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. All domain controllers run Windows Server 2003. All client computers run Windows XP Professional. The company has legacy applications that run on UNIX servers. The legacy applications use the LDAP protocol to query Active Directory for employee information. The domain controllers are currently configured with the default security settings. You need to configure enhanced security for the domain controllers. In particular, you want to configure stronger password settings, audit settings, and lockout settings. You want to minimize interference with the proper functioning of the legacy applications. You decide to use the predefined security templates. You need to choose the appropriate predefined security template to apply to the domain controllers. What should you do?()A、 Apply the Setup security.inf template to the domain controllers.B、 Apply the DC security.inf template to the domain controllers.C、 Apply the Securedc.inf template to the domain controllers.D、 Apply the Rootsec.inf template to the domain controllers.
考题
You have a computer that runs Windows 7. You need to prevent ActiveX controls from running in WindowsInternet Explorer. Which Internet Explorer settings should you modify?()A、ContentB、EncodingC、SafetyD、Security
考题
You need to design a strategy to ensure that all servers are in compliance with the business requirements for maintaining security patches. What should you do?()A、Log on to a domain controller and run the Resultant Set of Policy wizard in planning mode on the domainB、Log on to each server and run Security Configuration and Analysis to analyze the security settings by using a custom security templateC、Create a logon script to run the secedit command to analyze all servers in the domainD、Run the Microsoft Baseline Security Analyzer (MBSA) on a server to scan for Windows vulnerabilities on all servers in the domain
考题
单选题You are changing the security settings of a file named MyData.xml.You need to preserve the existing inherited access rules.You also need to prevent the access rules from inheriting changes in the future. Which code segment should you use?()A
AB
BC
CD
D
考题
单选题You are designing a Windows 7 virtual desktop infrastructure.You have the following requirements: Provide access to Remote Desktop Services RemoteApp sources from multiple remote desktop servers. Support network load balancing. Support reconnection to existing sessions on virtual desktops. You need to specify a design that meets the requirements. What should you include in your design?()A
Remote Desktop GatewayB
Remote Desktop Connection BrokerC
Windows Deployment ServicesD
Windows Virtual PC and Windows XP Mode
考题
单选题You have a server that runs Windows Server 2003 Service Pack 2 (SP2). You need to compare the current security settings of the server to a security template. Which tool should you use?()A
Security Templates snap-inB
Group Policy Management ConsoleC
Security Configuration and Analysis snap-inD
Microsoft Baseline Security Analyzer (MBSA)
考题
单选题Your network has client computers that run Windows 7. A custom Web-based application requires specific security settings. You need to prevent users from permanently modifying their Internet Explorer browser’s security settings. What should you do?()A
Use Windows Internet Explorer Maintenance (IEM) extension settings in Preference mode.B
Use Windows Internet Explorer Maintenance (IEM) extension settings in Normal mode.C
Reset the Internet Explorer settings.D
Restore the advanced settings in Internet Explorer.
考题
多选题You have a single Active Directory directory service forest named contoso.com. You create baseline security settings for a group of computers, and you store the settings in a database. You deploy thebaseline security settings. You need to confirm that the security settings on one of the computers are applied correctly. What are two possible commands that you can run to achieve this goal?()AseceditBgpupdateCnetdomDscwcmd
考题
单选题You have a computer that runs Windows XP Professional. Multiple users share the computer. You log on to the computer by using the local administrator account and install a custom application. You need to add an application shortcut to the desktop of all new users who use the computer. The shortcut must appear on the desktop of new users only. What should you do?()A
Copy the shortcut to %systemdrive%/documents and settings/default user/desktop/.B
Copy the shortcut to %systemdrive%/documents and settings/all users/desktop/.C
Copy the shortcut to your desktop. Modify the %comspec% system environment variable. D
Copy the shortcut to the guest user’s desktop. Assign the Everyone group Read permission to the guest user profile.
考题
单选题You are the network administrator for your company. The network consists of a single Active Directory domain. The network contains 50 application servers that run Windows Server 2003. The security configuration of the application servers is not uniform. The application servers were deployed by local administrators who configured the settings for each of the application servers differently based on their knowledge and skills. The application servers are configured with different authentication methods, audit settings, and account policy settings. The security team recently completed a new network security design. The design includes a baseline configuration for security settings on all servers. The baseline security settings use the Hisecws.inf predefined security template. The design also requires modified settings for servers in an application role. These settings include system service startup requirements, renaming the administrator account, and more stringent account lockout policies. The security team created a security template named Application.inf that contains the modified settings. You need to plan the deployment of the new security design. You need to ensure that all security settings for the application servers are standardized, and that after the deployment, the security settings on all application servers meet the design requirements. What should you do? ()A
Apply the Setup security.inf template first, the Hisecws.inf template next, and then the Application.inf template.B
Apply the Application.inf template and then the Hisecws.inf template.C
Apply the Application.inf template first, the Setup security.inf template next, and then the Hisecws.inf template.D
Apply the Setup security.inf template and then the Application.inf template.
考题
单选题Your network contains a server that has the SNMP Service installed.You need to configure the SNMP security settings on the server.Which tool should you use?()A
Local Security PolicyB
ScwC
SeceditD
Services console
考题
单选题You have two computers named Computer1 and Computer2 that run Windows 7. You use Remote Desktopto connect from Computer1 to Computer2. You need to prevent the desktop background of Computer2from being displayed when you use Remote Desktop to connect to Computer2. What should you do on Computer1?()A
From the Personalization options, change the theme.B
From the System properties, modify the Remote settings.C
From the Remote Desktop Connection options, modify the Performance setting.D
From the Remote Desktop Connection options, modify the Display configuration settings.
考题
多选题Your company has 10 servers that run Windows Server 2008 R2. The servers have Remote Desktop Protocol (RDP) enabled for server administration. RDP is configured to use default security settings. All administrators' computers run Windows 7. You need to ensure the RDP connections are as secure as possible. Which two actions should you perform?()ASet the security layer for each server to the RDP Security Layer.BConfigure the firewall on each server to block port 3389.CAcquire user certificates from the internal certification authority.DConfigure each server to allow connections only to Remote Desktop client computers that use Network Level Authentication.
考题
单选题You need to design a method to monitor the security configuration of the IIS server to meet the requirements in the written security policy. What should you do?()A
Log on to a domain controller and run the Resultant Set of Policy wizard in planning mode on the IIS server computer accountB
Run the Microsoft Baseline Security Analyzer (MBSA) on the IIS server and scan for vulnerabilities in Windows and IIS checksC
Run Security Configuration and Analysis to analyze the IIS server’s security settings by using a custom security templateD
On the IIS server, run the gpresult command from a command prompt and analyze the output
热门标签
最新试卷
