网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
You are a network administrator for your company. The network contains a perimeter network. The perimeter network contains four Windows Server 2003, Web Edition computers that are configured as a Network Load Balancing cluster. The cluster hosts an e-commerce Web site that must be available 24 hours per day. The cluster is located in a physically secure data center and uses an Internet-addressable virtual IP address. All servers in the cluster are configured with the Hisecws.inf template. You need to implement protective measures against the cluster’s most significant security vulnerability. What should you do? ()
- A、 Use Encrypting File System (EFS) for all files that contain confidential data stored on the cluster.
- B、 Use packet filtering on all inbound traffic to the cluster.
- C、 Use Security Configuration and Analysis regularly to compare the security settings on all servers in the cluster with the baseline settings.
- D、 Use intrusion detection on the perimeter network.
参考答案
更多 “ You are a network administrator for your company. The network contains a perimeter network. The perimeter network contains four Windows Server 2003, Web Edition computers that are configured as a Network Load Balancing cluster. The cluster hosts an e-commerce Web site that must be available 24 hours per day. The cluster is located in a physically secure data center and uses an Internet-addressable virtual IP address. All servers in the cluster are configured with the Hisecws.inf template. You need to implement protective measures against the cluster’s most significant security vulnerability. What should you do? ()A、 Use Encrypting File System (EFS) for all files that contain confidential data stored on the cluster.B、 Use packet filtering on all inbound traffic to the cluster.C、 Use Security Configuration and Analysis regularly to compare the security settings on all servers in the cluster with the baseline settings.D、 Use intrusion detection on the perimeter network.” 相关考题
考题
Your network contains an internal network and a perimeter network that are separated by a firewall. The perimeter network contains an Exchange Server 2010 Edge Transport server. You plan to deploy an internal Exchange Server 2010 organization that meets the following requirements:.Support EdgeSync synchronization .Support encrypted delivery of outbound e-mail messages to the Edge Transport server .Minimize the attack surface of the internal network Which TCP ports should you allow from the internal network to the perimeter network?()A、3389 and 25B、3389 and 636C、50636 and 25D、50636 and 135
考题
You are a network administrator for your company. All domain controllers run Windows Server 2003. The network contains 50 Windows 98 client computers, 300 Windows 2000 Professional computers, and 150 Windows XP Professional computers. According to the network design specification, the Kerberos version 5 authentication protocol must be used for all client computers on the internal network. You need to ensure that Kerberos version 5 authentication is used for all client computers on the internal network. What should you do? ()A、 On each domain controller, disable Server Message Block (SMB) signing and encryption of the secure channel traffic.B、 Replace all Windows 98 computers with new Windows XP Professional computers.C、 Install the Active Directory Client Extensions software on the Windows 98 computers.D、 Upgrade all Windows 98 computers to Windows NT Workstation 4.0.
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. All computers on the network are members of the domain. You administer a Network Load Balancing cluster that consists of three nodes. Each node runs Windows Server 2003 and contains a single network adapter. The Network Load Balancing cluster can run only in unicast mode. The Network Load Balancing cluster has converged successfully. To increase the utilization of the cluster, you decide to move a particular application to each node of the cluster. For this application to run, you must add a Network Load Balancing port rule to the nodes of the cluster. You start Network Load Balancing Manager on the second node of the cluster. However, Network Load Balancing Manager displays a message that it cannot communicate with the other two nodes of the cluster. You want to add the port rule to the nodes of the cluster. What should you do? ()A、 Use Network Load Balancing Manager on the Network Load Balancing default host to add the port rule.B、 Change the host priority of the second node to be the highest in the cluster, and then use Network Load Balancing Manager to add the port rule.C、 Run the nlb.exe drain command on each node, and then use Network Load Balancing Manager to add the port rule.D、 Add the port rule through Network Connections Properties on each node.
考题
Your network is configured as shown in the following diagram.You deploy an enterprise certification authority (CA) on the internal network. You also deploy a Microsoft Online Responder on the internal network. You need to recommend a secure method for Internet users to verify the validity of individual certificates. The solution must minimize network bandwidth. What should you recommend?()A、Deploy a subordinate CA on the perimeter network.B、Install a stand-alone CA and the Network Device Enrollment Service (NDES) on a server on the perimeter network.C、Install a Network Policy Server (NPS) on a server on the perimeter network. Redirect authentication requests to a server on the internal network.D、Install Microsoft Internet Information Services (IIS) on a server on the perimeter network. Configure IIS to redirect requests to the Online Responder on the internal network.
考题
Your network contains an internal network and a perimeter network. The internal network contains an Active Directory forest. The forest contains a single domain. You plan to deploy 10 Edge Transport servers on the perimeter network. You need to recommend a solution for the Edge Transport server deployment. The solution must meet the following requirements: .Allow administrators to apply a single security policy to all Edge Transport servers .Reduce the administrative overhead that is required to manage servers .Minimize the attack surface of the internal network What should you recommend?()A、Implement Network Policy and Access Services (NPAS).B、Implement Active Directory Federation Services (AD FS).C、Create a new Active Directory domain in the internal forest, and then join all Edge Transport servers to the new domain.D、Create an Active Directory forest in the perimeter network, and then join all Edge Transport servers to the new domain.
考题
You are the network administrator for The network consists of an internal network and a perimeter network. The internal network is protected by a firewall. The perimeter network is exposed to the Internet. You are deploying 10 Windows Server 2003 computers as Web servers. The servers will be located in the perimeter network. The servers will host only publicly available Web pages. You want to reduce the possibility that users can gain unauthorized access to the servers. You are concerned that a user will probe the Web servers and find ports or services to attack. What should you do?()A、Disable File and Printer Sharing on the servers.B、Disable the IIS Admin service on the servers.C、Enable Server Message Block (SMB) signing on the servers.D、Assign the Secure Server (Require Security) IPSec policy to the servers.
考题
All servers and client computers in your company are configured to use WINS for name resolution. The internal network is separated from a perimeter network (also known as DMZ) by a third-party firewall. Firewall rules do not allow name resolution between the internal network and the perimeter network. You move a Windows Server 2003 server named Server1 to the perimeter network. You need to ensure that all computers on the internal network can connect to Server1 by name. What should you do?()A、 Create an LMHOSTS file on Server1.B、 Create a static WINS entry for Server1.C、 Configure Server1 to use Broadcast (B-node) mode.D、 Configure Server1 to use Peer-to-Peer (P-node) mode.
考题
Your network contains an internal network and a perimeter network. The internal network contains a single Active Directory site. The perimeter network contains two Exchange Server 2010 Edge Transport servers. You plan to deploy an Exchange Server 2010 organization on the internal network. You need to plan the deployment of Hub Transport server roles to meet the following requirements:.If a single Hub Transport server fails, e-mail messages from the Internet must be delivered to the Mailboxservers. .If a single Hub Transport server fails, users must be able to send e-mail messages to other users thathave mailboxes on the same Mailbox server. What should you include in the plan?()A、Deploy one Edge Transport server on the internal network, and then configure EdgeSync synchronization.B、Deploy one Hub Transport server on the internal network, and then configure EdgeSync synchronization.C、Deploy one Hub Transport server on the internal network and one Hub Transport server on the perimeter network.D、Deploy two Hub Transport servers on the internal network.
考题
Your company named Contoso, Ltd. has a two-node Network Load Balancing cluster. The cluster is intended to provide high availability and load balancing for only the intranet Web site. The name of the cluster is web.contoso.com. You discover that Contoso users can see the Network Load Balancing cluster in the network neighborhood and can connect to various services by using the web.contoso.com name. The web.contoso.com Network Load Balancing cluster is configured with only one port rule. You need to configure the web.contoso.com Network Load Balancing cluster to accept only HTTP traffic. Which two actions should you perform?()A、Log on to one of the cluster nodes and run the wlbs disable all command.B、Open the Network Load Balancing Clusters console and delete the default port rules.C、Open the Network Load Balancing Clusters console and create a new Allow rule for TCP port 80.D、Open the Network Load Balancing Clusters console and change the default port rule to a disabled port range rule.
考题
You are a network administrator for Alpine Ski House. The internal network has an Active Directory-integrated zone for the alpineskihouse.org domain. Computers on the internal network use the Active Directory-integrated DNS service for all host name resolution. The Alpine Ski House Web site and DNS server are hosted at a local ISP. The public Web site for Alpine Ski House is accessed at www.alpineskihouse.com. The DNS server at the ISP hosts the alpineskihouse.com domain. To improve support for the Web site, your company wants to move the Web site and DNS service from the ISP to the company’s perimeter network. The DNS server on the perimeter network must contain only the host (A) resource records for computers on the perimeter network. You install a Windows Server 2003 computer on the perimeter network to host the DNS service for the alpineskihouse.com domain. You need to ensure that the computers on the internal network can properly resolve host names for all internal resources, all perimeter resources, and all Internet resources. Which two actions should you take? ()A、 On the DNS server that is on the perimeter network, install a primary zone for alpineskihouse.com.B、 On the DNS server that is on the perimeter network, install a stub zone for alpineskihouse.com.C、 Configure the DNS server that is on the internal network to conditionally forward lookup requests to the DNS server that is on the perimeter network.D、 Configure the computers on the internal network to use one of the internal DNS servers as the preferred DNS server. Configure the the TCP/IP settings on the computers on the internal network to use the DNS server on the perimeter network as an alternate DNS server.E、 On the DNS server that is on the perimeter network, configure a root zone.
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. All computers on the network are members of the domain. You administer a four-node Network Load Balancing cluster. All nodes run Windows Server 2003. The cluster has converged successfully. You use Network Load Balancing Manager on the default host to configure all nodes of the cluster. The nodes have a single network adapter and are connected to the same switching hub device. Administrators of non-cluster servers that are connected to the same switching hub device report that their servers receive traffic that is destined for the cluster nodes. Receiving this additional network traffic impairs the network performance of the non-cluster servers. You need to ensure that traffic destined for only the cluster nodes is not sent to all ports of the switching hub device. You do not want to move the cluster to another switching hub device. What should you do? ()A、 On one node, run the nlb.exe reload command.B、 On each node, run the wlbs.exe drainstop command.C、 Use Network Load Balancing Manager to enable Internet Group Management Protocol (IGMP) support on the cluster.D、 Use Network Load Balancing Manager to add a second cluster IP address.
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. All computers on the network are members of the domain. You administer a three-node Network Load Balancing cluster. Each cluster node runs Windows Server 2003 and has a single network adapter. The cluster has converged successfully. You notice that the nodes in the cluster run at almost full capacity most of the time. You want to add a fourth node to the cluster. You enable and configure Network Load Balancing on the fourth node. However, the cluster does not converge to a four-node cluster. In the System log on the existing three nodes, you find the exact same TCP/IP error event. The event has the following description: "The system detected an address conflict for IP address 10.50.8.70 with the system having network hardware address 02:BF://0A:32:08:46." In the System log on the new fourth node, you find a similar TCP/error event with the following description: "The system detected an address conflict for IP address 10.50.8.70 with the system having network hardware address 03:BF://0A:32:08:46." Only the hardware address is different in the two descriptions. You verify that IP address 10.50.8.70 is configured as the cluster IP address on all four nodes. You want to configure a four-node Network Load Balancing cluster. What should you do? ()A、 Configure the fourth node to use multicast mode.B、 Remove 10.50.8.70 from the Network Connections Properties of the fourth node.C、 On the fourth node, run the nlb.exe resume command.D、 On the fourth node, run the wlbs.exe reload command.
考题
Your network contains an internal network and a perimeter network. You have one Exchange Server 2010 server on the internal network. You install Windows Server 2008 R2 on a new server in the perimeter network. You need to ensure that you can install the Edge Transport server role on the new server. What should you do()? A、Join the new server to an Active Directory domain.B、Install Active?Directory Lightweight Directory Services on the new server.C、Run ImportEdgeConfig.ps1 on the existing Exchange Server 2010 server.D、Open TCP port 88 and TCP port 3268 on the firewall between the perimeter network and the internal network.
考题
You are a network administrator for your company. The network contains four Windows Server 2003 computers configured as a four-node server cluster. Each cluster node is the preferred owner of a clustered instance of Microsoft SQL Server 2000, and each cluster node is configured as a possible owner of all other instances of SQL Server. All nodes have identically configured hardware. All four nodes operate at a sustained 70 percent CPU average. You add a server that has identically configured hardware to the cluster as a fifth node. You want each SQL Server instance to continue operating at the same level of performance in the event of a single node failure. What should you do? ()A、 Clear the Affect group check box in the cluster resource properties for each SQL Server instance.B、 Configure the fifth node as the only possible owner other than the existing preferred owner of the cluster resources that are associated with each SQL Server instance.C、 Configure the fifth node as the preferred owner of each cluster group that contains an SQL Server instance.D、 Enable failback on each group that contains an SQL Server instance.
考题
Your network contains an internal network and a perimeter network.You have one Exchange Server 2010 server on the internal network. You install Windows Server 2008 R2 on a new server in the perimeter network.You need to ensure that you can install the Edge Transport server role on the new server. What should you do?()A、Join the new server to an Active Directory domain.B、Install Active? Directory Lightweight Directory Services on the new server.C、Run ImportEdgeConfig.ps1 on the existing Exchange Server 2010 server.D、Open TCP port 88 and TCP port 3268 on the firewall between the perimeter network and the internal network.
考题
Your network contains two servers that run the Server Core installation of Windows Server 2008 R2. The two servers are part of a Network Load Balancing cluster. The cluster hosts a Web site. Administrators use client computers that run Windows 7. You need to recommend a strategy that allows the administrators to remotely manage the Network Load Balancing cluster. Your strategy must support automation. What should you recommend?()A、On the servers, enable Windows Remote Management (WinRM).B、On the servers, add the administrators to the Remote Desktop Users group.C、On the Windows 7 client computers,enable Windows Remote Management (WinRM).D、On the Windows 7 client computers,add the administrators to the Remote Desktop Users group.
考题
Your company named Contoso, Ltd. has a two-node Network Load Balancing cluster. The cluster isintended to provide high availability and load balancing for only the intranet Web site. The name of the cluster is web.contoso.com. You discover that Contoso users can see the Network Load Balancingcluster in the network neighborhood and can connect to various services by using the web.contoso.comname. The web.contoso.com Network Load Balancing cluster is configured with only one port rule. Youneed to configure the web.contoso.com Network Load Balancing cluster to accept only HTTP traffic. Which two actions should you perform?()A、Log on to one of the cluster nodes and run the wlbs disable all command.B、Open the Network Load Balancing Clusters console and delete the default port rules.C、Open the Network Load Balancing Clusters console and create a new Allow rule for TCP port 80.D、Open the Network Load Balancing Clusters console and change the default port rule to a disabled port range rule.
考题
You are a network adminstrator for your company. You install an intranet application on three Windows Server 2003 computers. You configure the servers as a Network Load Balancing cluster. You configure each server with two network adapters. One network adapter provides client computers access to the servers. The second network adapter is for cluster communications. Cluster communications is on a separate network segment. The network team wants to reduce the cluster’s vulnerability to attack. These servers need to be highly available. The network team decides that the Network Load Balancing cluster needs to filter IP ports. The team wants the cluster to allow only the ports that are required for the intranet application. You need to implement filtering so that only the intranet application ports are available on the cluster. You need to achieve this goal by using the minimum amount of administrative effort. What should you do? ()A、 Use Network Load Balancing Manager to configure port rules. Allow only the intranet application ports on the cluster IP address.B、 Use TCP/IP filtering on each server. Configure only the intranet application ports on the network adapter that provides client computers access to the servers.C、 Use TCP/IP filtering on each server. Configure only the intranet application ports on both of the network adapters.D、 Configure Routing and Remote Access on each server. Use Routing and Remote Access input filters to allow only the intranet application ports on the network adapter that provides client computers access to the servers.
考题
Your network contains two Hyper-V hosts that run Windows Server 2012 R2. The Hyper-V hosts contains several virtual machines that run Windows Server 2012 R2. You install the Network Load Balancing feature on the virtual machines. You need to configure the virtual machines to support Network Load Balancing (NLB). Which virtual machine settings should you configure?()A、Port mirroringB、DHCP guardC、Router guardD、MAC address
考题
单选题You are a network administrator for your company. The network contains a perimeter network. The perimeter network contains four Windows Server 2003, Web Edition computers that are configured as a Network Load Balancing cluster. The cluster hosts an e-commerce Web site that must be available 24 hours per day. The cluster is located in a physically secure data center and uses an Internet-addressable virtual IP address. All servers in the cluster are configured with the Hisecws.inf template. You need to implement protective measures against the cluster’s most significant security vulnerability. What should you do? ()A
Use Encrypting File System (EFS) for all files that contain confidential data stored on the cluster.B
Use packet filtering on all inbound traffic to the cluster.C
Use Security Configuration and Analysis regularly to compare the security settings on all servers in the cluster with the baseline settings.D
Use intrusion detection on the perimeter network.
考题
单选题Your network contains an internal network and a perimeter network that are separated by a firewall. The perimeter network contains an Exchange Server 2010 Edge Transport server. You plan to deploy an internal Exchange Server 2010 organization that meets the following requirements:.Support EdgeSync synchronization .Support encrypted delivery of outbound e-mail messages to the Edge Transport server .Minimize the attack surface of the internal network Which TCP ports should you allow from the internal network to the perimeter network?()A
3389 and 25B
3389 and 636C
50636 and 25D
50636 and 135
考题
单选题You are a network adminstrator for your company. You install an intranet application on three Windows Server 2003 computers. You configure the servers as a Network Load Balancing cluster. You configure each server with two network adapters. One network adapter provides client computers access to the servers. The second network adapter is for cluster communications. Cluster communications is on a separate network segment. The network team wants to reduce the cluster’s vulnerability to attack. These servers need to be highly available. The network team decides that the Network Load Balancing cluster needs to filter IP ports. The team wants the cluster to allow only the ports that are required for the intranet application. You need to implement filtering so that only the intranet application ports are available on the cluster. You need to achieve this goal by using the minimum amount of administrative effort. What should you do? ()A
Use Network Load Balancing Manager to configure port rules. Allow only the intranet application ports on the cluster IP address.B
Use TCP/IP filtering on each server. Configure only the intranet application ports on the network adapter that provides client computers access to the servers.C
Use TCP/IP filtering on each server. Configure only the intranet application ports on both of the network adapters.D
Configure Routing and Remote Access on each server. Use Routing and Remote Access input filters to allow only the intranet application ports on the network adapter that provides client computers access to the servers.
考题
单选题All servers and client computers in your company are configured to use WINS for name resolution. The internal network is separated from a perimeter network (also known as DMZ) by a third-party firewall. Firewall rules do not allow name resolution between the internal network and the perimeter network. You move a Windows Server 2003 server named Server1 to the perimeter network. You need to ensure that all computers on the internal network can connect to Server1 by name. What should you do?()A
Create an LMHOSTS file on Server1.B
Create a static WINS entry for Server1.C
Configure Server1 to use Broadcast (B-node) mode.D
Configure Server1 to use Peer-to-Peer (P-node) mode.
热门标签
最新试卷
