网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
You have a single Active Directory directory service forest named contoso.com. You create baseline security settings for a group of computers, and you store the settings in a database. You deploy the baseline security settings. You need to confirm that the security settings on one of the computers are applied correctly. What are two possible commands that you can run to achieve this goal?()
- A、 secedit
- B、 gpupdate
- C、 netdom
- D、 scwcmd
参考答案
更多 “ You have a single Active Directory directory service forest named contoso.com. You create baseline security settings for a group of computers, and you store the settings in a database. You deploy the baseline security settings. You need to confirm that the security settings on one of the computers are applied correctly. What are two possible commands that you can run to achieve this goal?()A、 seceditB、 gpupdateC、 netdomD、 scwcmd” 相关考题
考题
Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003. Client computers run Windows XP or Windows Vista. You plan to create a security update scan procedure for client computers. You need to choose a security tool that supports all the client computers. Which tool should you choose? ()A、 UrlScan Security ToolB、 Enterprise Scan Tool (EST)C、 Malicious Removal Tool (MRT)D、 Microsoft Baseline Security Analyzer (MBSA)
考题
You have a single Active Directory directory service forest named contoso.com. You create baseline security settings for a group of computers, and you store the settings in a database. You deploy thebaseline security settings. You need to confirm that the security settings on one of the computers are applied correctly. What are two possible commands that you can run to achieve this goal?()A、 seceditB、 gpupdateC、 netdomD、 scwcmd
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. The company has an internal network and a perimeter network. The internal network is protected by a firewall. Application servers on the perimeter network are accessible from the Internet. You are deploying 10 Windows Server 2003 computers in application server roles. The servers will be located in theperimeter network and will not be members of the domain. The servers will host only publicly available Web pages. The network design requires that custom security settings must be applied to the application servers. These custom security settings must be automatically refreshed every day to ensure compliance with the design. You create a custom security template named Baseline1.inf for the application servers. You need to comply with the design requirements. What should you do? ()A、 Import Baseline1.inf into the Default Domain Policy Group Policy object (GPO).B、 Create a task on each application server that runs Security and Configuration Analysis with Baseline1.inf every day.C、 Create a task on each application server that runs the secedit command with Baseline1.inf every day.D、 Create a startup script in the Default Domain Policy Group Policy object (GPO) that runs the secedit command with Baseline1.inf.
考题
Your network consists of a single Active Directory domain. The remote access permission for all users is set to Control access through Remote Access Policy. You have a VPN server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). The current configuration allows all authenticated users to establish VPN connections to Server1. You create a global group named Group1.You need to prevent all members of Group1 from establishing VPN connections to Server1. What should you do?()A、From the local computer policy on Server1, modify the Account Policies settings. B、From Active Directory Users and Computers, modify the Security settings of Group1. C、From the Routing and Remote Access snap-in, create a new remote access policy. D、From the Routing and Remote Access snap-in, open the properties of Server1 and modify the security options.
考题
You are the network administrator for Humongous Insurance. The network consists of a single Active Directory domain named humongous.com. The domain contains Windows Server 2003 computers and Windows XP Professional computers. You configure several Group Policy objects (GPOs) to enforce the use of IPSec for certain types of communication between specified computers. A server named Server2 runs the Telnet service. A GPO is supposed to ensure that all Telnet connections to Server2 are encrypted by using IPSec. However, when you monitor network traffic, you notice that Telnet connections are not being encrypted.You need to view all of the IPSec settings that are applied to Server2 by GPOs. Which tool should you use?()A、the IP Security Policy Management consoleB、the IP Security Monitor consoleC、the Resultant Set of Policy consoleD、Microsoft Baseline Security Analyzer (MBSA)
考题
You have an Exchange Server 2010 organization.You create a distribution group for all users in your company.You need to ensure that new users can add their mailboxes to the distribution group.What should you do?()A、Modify the group scope of the distribution group.B、Modify the approval mode of the distribution group.C、Modify the security settings of the distribution group.D、Modify the authentication settings of the ECP virtual directory.
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. The functional level of the domain is Windows Server 2003. The domain contains an organizational unit (OU) named Servers that contains all of the company’s Windows Server 2003 resource servers. The domain also contains an OU named Workstations that contains all of the company’s Windows XP Professional client computers. You configure a baseline security template for resource servers named Server.inf and a baseline security template for client computers named Workstation.inf. The Server.inf template contains hundreds of settings, including file and registry permission settings that have inheritance propagation enabled. The Workstation.inf template contains 20 security settings, none of which contain file or registry permissions settings. The resource servers operate at near capacity during business hours. You need to apply the baseline security templates so that the settings will be periodically enforced. You need to accomplish this task by using the minimum amount of administrative effort and while minimizing the performance impact on the resource servers. What should you do? ()A、 Create a Group Policy object (GPO) and link it to the domain. Import both the Server.inf and the Workstation.inf templates into the GPO.B、 Import both the Server.inf and the Workstation.inf templates into the Default Domain Policy Group Policy object (GPO).C、 On each resource server, create a weekly scheduled task to apply the Server.inf settings during off-peak hours by using the secedit command. Create a Group Policy object (GPO) and link it to the Workstations OU. Import the Workstation.inf template into the GPO.D、 On each resource server, create a weekly scheduled task to apply the Server.inf settings during off-peak hours by using the secedit command. Import the Workstation.inf template into the Default Domain Policy Group Policy object (GPO).
考题
You have a single Active Directory directory service domain. You use a Group Policy object (GPO) to apply security settings to your client computers. You configure the startup type for system services settings in a new GPO, and you link the GPO to an organizational unit (OU). You discover that the startup type for system services on one of the client computers has not been updated. You need to ensure that the Group Policy settings are applied to the client computer. What should you do?()A、 Restart the client computer.B、 Instruct the user to log off and then log on to the client computer.C、 On the client computer, run the Gpupdate.exe command with the /Force parameter.D、 On the client computer, run the Gpupdate.exe command with the /Target:computer parameter.
考题
Your network consists of Windows XP computers. All computers are joined to a single Active Directory directory service domain and located in a single Active Directory site. You create a new Group Policy object (GPO) and link it to the site. The policy configures default screensaver settings. User accounts of users in the research department are located in an organizational unit (OU) named Research. You need to allow users in the research department to configure a different screensaver setting on their computers. What should you do?()A、 Move the user accounts of users in the research department to the Users container.B、 Configure a local security policy on all computers in the research department to allow users to modify their screensaver settings.C、 Add users in the research department to a domain group. Allow the group the Apply Group Policy permission for the GPO.D、 Add users in the research department to a domain group. Deny the group the Apply Group Policy permission to the GPO.
考题
Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3). You have a user account named User1. You need to identify which permissions User1 has on a file. What should you do? ()A、At a command prompt, run Net file.B、At a command prompt, run Attrib.exe.C、From the file properties, view the Summary settings.D、From the file properties, view the Advanced Security settings.
考题
You have a single Active Directory directory service domain. All servers run Windows Server 2003. You create several new Group Policies. You need to determine the end result of these Group Policies before applying the settings. What should you do?()A、 Use Resultant Set of Policy (RSoP) in Planning mode.B、 Use Resultant Set of Policy (RSoP) in Logging mode.C、 Use Event Viewer to view the system log.D、 Use Event Viewer to view the application log.
考题
You are the administrator of your company's network. You want to configure a Security Policy for the Windows 2000 Professional Computers that are in the sales department. On one of the computers, you use Security Templates to configure the Security Policy based on the desired security settings. You then export those settings to an .inf file that will be used on all of the Computers in the sales department. You want to configure each Computer to have a customized Security Policy. What steps should you follow in order to achieve your goal?()A、Use Secedit.exe to import the security settings from the .inf file to the computers in the sales department.B、Use a text editor to change the default security settings to the desired security settings. Then export those settings to the Computers in the sales department.C、Create an organizational unit (OU) named Sales. Add the users in the sales department to the Sales OU. Then apply the security template to the users in the Sales OU.D、Create an organizational unit (OU) named Sales. Add the computers in the sales department to the Sales OU. Then apply the security template to computers in the Sales OU.
考题
You have a server that runs Windows Server 2003 Service Pack 2 (SP2). You need to compare the current security settings of the server to a security template. Which tool should you use?()A、Security Templates snap-inB、Group Policy Management ConsoleC、Security Configuration and Analysis snap-inD、Microsoft Baseline Security Analyzer (MBSA)
考题
Your network contains an Active Directory domain named contoso.com. All user accounts are in an organizational unit (OU) named Employees. You create a Group Policy object (GPO) named GP1.You link GP1 to the Employees OU.You need to ensure that GP1 does not apply to the members of a group named Managers. What should you configure?()A、The Security settings of EmployeesB、The WMI filter for GP1C、The Block Inheritance option for EmployeesD、The Security settings of GP1
考题
You have a single Active Directory directory service forest with one domain. You have an existing top-level organizational unit (OU) named Sales. You are planning to create a new top-level OU named Training. The Sales and Training OUs must have the same security and auditing settings. You need to identify the security permissions and audit settings for the Sales OU so that you can delegate the same permissions for the Training OU. What should you do first?()A、 Use the Delegation of Control Wizard.B、 Use the Security Configuration Wizard.C、 Run the dsacls command.D、 Run the xcacls command.
考题
Your network contains an Active Directory domain named contoso.com. You run nslookup.exe as shown in the following Command Prompt window. You need to ensure that you can use Nslookup to list all of the service location (SRV) resource records for contoso.com. What should you modify()A、the root hints of the DNS serverB、the security settings of the zoneC、the Windows Firewall settings on the DNS serverD、the zone transfer settings of the zone
考题
You are a security administrator for your company. The network consists of three Active Directory domains. All Active Directory domains are running at a Windows Server 2003 mode functionality level. Employees in the editorial department of your company need access to resources on file servers that are in each of the Active Directory domains. Each Active Directory domain in the company contains at least one editorial department employee user account. You need to create a single group named Company Editors that contains all editorial department employee user accounts and that has access to the resources on file server computers. What should you do?()A、 Create a global distribution group in the forest root domain and name it Company Editors.B、 Create a global security group in the forest root domain and name it Company Editors.C、 Create a universal distribution group in the forest root domain and name it Company Editors. D、 Create a universal security group in the forest root domain and name it Company Editors.
考题
Your network consists of a single Active Directory domain. The remote access permission for all users is set to Control access through Remote Access Policy.You have a VPN server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). The current configuration allows all authenticated users to establish VPN connections to Server1. You create a global group named Group1.You need to prevent all members of Group1 from establishing VPN connections to Server1. What should you do?()A、From the local computer policy on Server1, modify the Account Policies settings.B、From Active Directory Users and Computers, modify the Security settings of Group1.C、From the Routing and Remote Access snap-in, create a new remote access policy.D、From the Routing and Remote Access snap-in, open the properties of Server1 and modify the security options.
考题
Your company has a single Active Directory directory service domain. Servers in your environment run Windows Server 2003. Client computers run Windows XP or Windows Vista. You plan to create an internal centrally managed security update infrastructure for client computers. You need to choose a security update management tool that supports all the client computers. Which tool should you choose? ()A、 Microsoft Assessment and Planning (MAP) ToolkitB、 Microsoft Baseline Security AnalyzerC、 Microsoft System Center Operations ManagerD、 Windows Server Update Services (WSUS)
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. All domain controllers run Windows Server 2003. All client computers run Windows XP Professional. The company has legacy applications that run on UNIX servers. The legacy applications use the LDAP protocol to query Active Directory for employee information. The domain controllers are currently configured with the default security settings. You need to configure enhanced security for the domain controllers. In particular, you want to configure stronger password settings, audit settings, and lockout settings. You want to minimize interference with the proper functioning of the legacy applications. You decide to use the predefined security templates. You need to choose the appropriate predefined security template to apply to the domain controllers. What should you do?()A、 Apply the Setup security.inf template to the domain controllers.B、 Apply the DC security.inf template to the domain controllers.C、 Apply the Securedc.inf template to the domain controllers.D、 Apply the Rootsec.inf template to the domain controllers.
考题
Your network contains an Active Directory domain named contoso.com. All client computer accounts are in an organizational unit (OU) named AllComputers. Client computers run either Windows 7 or Windows 8.You create a Group Policy object (GPO) named GP1. You link GP1 to the AllComputers OU.You need to ensure that GP1 applies only to computers that have more than 8 GB of memory. What should you configure?()A、The Security settings of AllComputersB、The Security settings of GP1C、The WMI filter for GP1D、The Block Inheritance option for AllComputers
考题
单选题Your network contains an Active Directory domain named contoso.com. All client computer accounts are in an organizational unit (OU) named AllComputers. Client computers run either Windows 7 or Windows 8.You create a Group Policy object (GPO) named GP1. You link GP1 to the AllComputers OU.You need to ensure that GP1 applies only to computers that have more than 8 GB of memory. What should you configure?()A
The Security settings of AllComputersB
The Security settings of GP1C
The WMI filter for GP1D
The Block Inheritance option for AllComputers
考题
单选题Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003. Client computers run Windows XP or Windows Vista. You plan to create a security update scan procedure for client computers. You need to choose a security tool that supports all the client computers. Which tool should you choose? ()A
UrlScan Security ToolB
Enterprise Scan Tool (EST)C
Malicious Removal Tool (MRT)D
Microsoft Baseline Security Analyzer (MBSA)
考题
单选题Your network contains an Active Directory domain named contoso.com. You run nslookup.exe as shown in the following Command Prompt window. You need to ensure that you can use Nslookup to list all of the service location (SRV) resource records for contoso.com. What should you modify()A
the root hints of the DNS serverB
the security settings of the zoneC
the Windows Firewall settings on the DNS serverD
the zone transfer settings of the zone
考题
单选题You are a security administrator for your company. The network consists of three Active Directory domains. All Active Directory domains are running at a Windows Server 2003 mode functionality level. Employees in the editorial department of your company need access to resources on file servers that are in each of the Active Directory domains. Each Active Directory domain in the company contains at least one editorial department employee user account. You need to create a single group named Company Editors that contains all editorial department employee user accounts and that has access to the resources on file server computers. What should you do?()A
Create a global distribution group in the forest root domain and name it Company Editors.B
Create a global security group in the forest root domain and name it Company Editors.C
Create a universal distribution group in the forest root domain and name it Company Editors. D
Create a universal security group in the forest root domain and name it Company Editors.
考题
单选题Your company has a single Active Directory directory service domain. Servers in your environment run Windows Server 2003. Client computers run Windows XP or Windows Vista. You plan to create an internal centrally managed security update infrastructure for client computers. You need to choose a security update management tool that supports all the client computers. Which tool should you choose? ()A
Microsoft Assessment and Planning (MAP) ToolkitB
Microsoft Baseline Security AnalyzerC
Microsoft System Center Operations ManagerD
Windows Server Update Services (WSUS)
考题
单选题Your network contains an Active Directory domain named contoso.com. All user accounts are in an organizational unit (OU) named Employees. You create a Group Policy object (GPO) named GP1.You link GP1 to the Employees OU.You need to ensure that GP1 does not apply to the members of a group named Managers. What should you configure?()A
The Security settings of EmployeesB
The WMI filter for GP1C
The Block Inheritance option for EmployeesD
The Security settings of GP1
热门标签
最新试卷
