网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
Your network contains a stand-alone root certification authority (CA). You have a server named Server1 that runs Windows Server 2008 R2. You issue a server certificate to Server1. You deploy Secure Socket Tunneling Protocol (SSTP) on Server1. You need to recommend a solution that allows external partner computers to access internalnetwork resources by using SSTP. What should you recommend?()
- A、Enable Network Access Protection (NAP) on the network.
- B、Deploy the Root CA certificate to the external computers.
- C、Implement the Remote Desktop Connection Broker role service.
- D、Configure the firewall to allow inbound traffic on TCP Port 1723.
参考答案
更多 “ Your network contains a stand-alone root certification authority (CA). You have a server named Server1 that runs Windows Server 2008 R2. You issue a server certificate to Server1. You deploy Secure Socket Tunneling Protocol (SSTP) on Server1. You need to recommend a solution that allows external partner computers to access internalnetwork resources by using SSTP. What should you recommend?()A、Enable Network Access Protection (NAP) on the network.B、Deploy the Root CA certificate to the external computers.C、Implement the Remote Desktop Connection Broker role service.D、Configure the firewall to allow inbound traffic on TCP Port 1723.” 相关考题
考题
Your network contains a server named Server1 that runs Windows Server 2008 R2. You plan to deploy DirectAccess on Server1.You need to configure Windows Firewall on Server1 to support DirectAccess connections.What should you allow from Windows Firewall on Server1?()A. ICMPv6 Echo RequestsB. ICMPv6 RedirectC. IGMPD. IPv6-Route
考题
Your network contains one Active Directory domain. You have a member server named Server1 that runs Windows Server 2008. The server has the Routing and Remote Acecss role service installed. You implement Network Access Protection (NAP) for the domain. You need to configure the Point-to-Point (PPP) authentication method on Server1. Which autnetication method should you choose?()A、Challenge Handshake Authentication Protocol (CHAP)B、Extensible Authentication Protocol (EAP)C、Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAP v2)D、Password Authentication Protocol (PAP)
考题
Your network contains a Network Policy and Access Services server named Server1. All certificates in theorganization are issued by an enterprise certification authority (CA) named Server2. You have a standalonecomputer named Computer1 that runs Windows 7. Computer1 has a VPN connection that connects toServer1 by using SSTP. You attempt to establish the VPN connection to Server1 and receive the followingerror message: A certificate chain processed, but terminated in a root certificate which is not trusted by thetrust provider. You need to ensure that you can successfully establish the VPN connection to Server1. What should you do on Computer1?()A、Import the root certificate to the user s Trusted Publishers store.B、Import the root certificate to the computer s Trusted Root Certification Authorities store.C、Import the server certificate of Server1 to the user s Trusted Root Certification Authorities store.D、Import the server certificate of Server1 to the computer s Trusted Root Certification Authorities store.
考题
Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). You have a server named Server1. Server1 is configured as an enterprise root certification authority (CA). You perform a complete backup of Server1 that includes the system state. Server1 fails. You install a new server named Server1. You need to recover the enterprise root CA. What should you do? ()A、Restore the system state backup.B、Restore the %systemroot%/system32/certsrv folder.C、From the Certificates snap-in, import the enterprise root CA certificate.D、From the Certificates snap-in, import the enterprise root CA certificate revocation list (CRL).
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. All computers on the network are members of the domain. The domain contains a Windows Server 2003 computer named Server1. You are planning a public key infrastructure (PKI) for the company. You want to deploy a certification authority (CA) on Server1. You create a new global security group named Cert Administrators. You need to delegate the tasks to issue, approve, and revoke certificates to members of the Cert Administrators group. What should you do?()A、 Add the Cert Administrators group to the Cert Publishers group in the domain.B、 Configure the Certificates Templates container in the Active Directory configuration naming context to assign the Cert Administrators group the Allow - Write permission.C、 Configure the CertSrv virtual directory on Server1 to assign the Cert Administrators group the Allow - Modify permission.D、 Assign the Certificate Managers role to the Cert Administrators group.
考题
You have two servers named Server1 and Server2. Both servers run Windows Server 2008 R2. Server1 is configured as an Enterprise Root certification authority (CA). You install the Online Responder role service on Server2. You need to configure Server2 to issue certificate revocation lists (CRLs) for the enterprise root CA. Which two tasks should you perform()A、Import the enterprise root CA certificate.B、Import the OCSP Response Signing certificate.C、Add the Server1 computer account to the CertPublishers group.D、Set the Startup Type of the Certificate Propagation service to Automatic.
考题
Your network contains a Web server named Server1 that runs Windows Server 2003 and Internet Information Server (IIS). Server1 has a server certificate from an Enterprise Certificate Authority (CA) installed. External users report that when they try to access the Web site from outside the corporate network by using a Web browser, they receive the following warning message: There is a problem with this Web sites security certificate. The security certificate presented by this Web site was not issued by a trusted certificate authority. You find that users onthe corporate network do not receive this error. You need to ensure that external users do not receive the warning message when connecting to Server1. What should you do?()A、In IIS Manager, enable the Enable client certificate mapping option.B、In IIS Manager, replace the certificate with a certificate obtained from a public Certification Authority.C、In Local Security Policy, enable Domain Member: Require strong (Windows 2000 or later) session key.D、In Local Security Policy, enable Domain Member: Digitally encrypt or sign secure channel data (always).
考题
Your network contains a server named Server1 that runs Windows Server 2008 R2. You plan to deploy DirectAccess on Server1.You need to configure Windows Firewall on Server1 to support DirectAccess connections.What should you allow from Windows Firewall on Server1?()A、ICMPv6 Echo RequestsB、ICMPv6 RedirectC、IGMPD、IPv6-Route
考题
You have two servers named Server1 and Server2. Both servers run Windows Server 2008 R2. Server1 is configured as an enterprise root certification authority (CA). You install the Online Responder role service on Server2. You need to configure Server1 to support the Online Responder. What should you do()A、Import the enterprise root CA certificate.B、Configure the Certificate Revocation List Distribution Point extension.C、Configure the Authority Information Access (AIA) extension.D、Add the Server2 computer account to the CertPublishers group.
考题
You have two servers named Server1 and Server2. Both servers run Windows Server 2008. Server1 is configured as an enterprise root certification authority (CA). You install the Online Responder role service on Server2. You need to configure Server1 to support the Online Responder. What should you do()A、Import the enterprise root CA certificate.B、Configure the Certificate Distribution Point (CDP) extension.C、Configure the Authority Information Access (AIA) extension.D、Add the Server2 computer account to the CertPublishers group.
考题
You have a server named Server1 that runs Windows Server 2012 R2. You plan to create an image of Server1. You need to remove the source files for all server roles that are not installed on Server1. Which tool should you use?()A、servermanagercmd.exeB、imagex.exeC、dism.exeD、ocsetup.exe
考题
Your network contains an Active Directory domain named contoso.com. The domain contains an application server named Server1. Server1 runs Windows Server 2012 R2. You have a client application named App1 that communicates to Server1 by using dynamic TCP ports. On Server1, a technician runs the following command: New-NetFirewallRule -DisplayName AllowDynamic -Direction Outbound -LocalPort 1024- 65535 -Protocol TCP Users report that they can no longer connect to Server1 by using Appl. You need to ensure that App1 can connect to Server1. What should you run on Server1?()A、Set-NetFirewallRule -DisplayName AllowDynamic -Action AllowB、netsh advfirewall firewall set rule name=allowdynamic new action = allowC、Set-NetFirewallRule -DisplayName AllowDynamic -Direction InboundD、netsh advfirewall firewall add rule name=allowdynamic action=allow
考题
Your network contains a server named Server1 that runs Windows Server 2008 R2. You create an Active Directory Lightweight Directory Services (AD LDS) instance on Server1. You need to create an additional AD LDS application directory partition in the existing instance. Which tool should you use()A、AdaminstallB、DsaddC、DsmodD、Ldp
考题
Your network contains an Active Directory forest. All domain controllers run Windows Server 2008 Standard. The functional level of the domain is Windows Server 2003. You have a certification authority (CA). The relevant servers in the domain are configured as shown in the following table: Server name Operating system Server role Server1 Windows Server 2003 Enterprise root CA Server2 Windows Server 2008 Enterprise subordinate CA Server3 Windows Server 2008 R2 Web Server You need to ensure that you can install the Active Directory Certificate Services (AD CS) Certificate Enrollment Web Service on the network. What should you do()A、Upgrade Server1 to Windows Server 2008 R2.B、Upgrade Server2 to Windows Server 2008 R2.C、Raise the functional level of the domain to Windows Server 2008.D、Install the Windows Server 2008 R2 Active Directory Schema updates.
考题
Your network consists of a single Active Directory domain. The domain contains a server named Server1. Server1 runs Windows Server 2003 Service Pack 2 (SP2). You install Windows Support Tools on Server1. You need to view the IPSec settings applied to Server1. What command should you run on Server1?()A、Netstat–r IPB、Netdiag/test:ipsecC、Sc query policyagentD、Netsh ipsec static show all
考题
You have two servers named Server1 and Server2. Both servers run Windows Server 2008. Server1 is configured as an Enterprise Root certification authority (CA). You install the Online Responder role service on Server2. You need to configure Server2 to issue certificate revocation lists (CRL) for the enterprise root CA. Which two tasks should you perform()A、Import the enterprise root CA certificate.B、Import the OCSP Response Signing certificate.C、Add the Server1 computer account to the CertPublishers group.D、Set the Startup Type of the Certificate Propagation service to Automatic.
考题
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. Server1 runs Windows Server 2012 R2. You need to create 3-TB virtual hard disk (VHD) on Server1. Which tool should you use?()A、File Server Resource Manager (FSRM)B、New-StoragePoolC、DiskpartD、Share and Storage Management
考题
Your network contains an Active Directory forest. All domain controllers run Windows Server 2008 Standard. The functional level of the domain is Windows Server 2003. You have a certification authority (CA). The relevant servers in the domain are configured as shown in the following table. Server name Operating system Server role Server1 Windows Server 2003 Enterprise root CA Server2 Windows Server 2008 Enterprise subordinate CA Server3 Windows Server 2008 R2 Web Server You need to ensure that you can install the Active Directory Certificate Services (AD CS) Certificate Enrollment Web Service on the network. What should you do()A、Upgrade Server1 to Windows Server 2008 R2.B、Upgrade Server2 to Windows Server 2008 R2.C、Raise the functional level of the domain to Windows Server 2008.D、Install the Windows Server 2008 R2 Active Directory Schema updates.
考题
You have an Active Directory domain that runs Windows Server 2008 R2. You need to implement a certification authority (CA) server that meets the following requirements: - Allows the certification authority to automatically issue certificates - Integrates with Active Directory Domain Services What should you do()A、Install and configure the Active Directory Certificate Services server role as a Standalone Root CA .B、Install and configure the Active Directory Certificate Services server role as an Enterprise Root CA .C、Purchase a certificate from a third-party certification authority. Install and configure the Active Directory Certificate SD、Purchase a certificate from a third-party certification authority. Import the certificate into the computer store of the sc
考题
Your network contains an Active Directory domain. You have a server named Server1 that runs Windows Server 2008 R2. Server1 is an enterprise root certification authority (CA). You have a client computer named Computer1 that runs Windows 7. You enable automatic certificate enrollment for all client computers that run Windows 7. You need to verify that the Windows 7 client computers can automatically enroll for certificates. Which command should you run on Computer1()A、certreq.exe -retrieveB、certreq.exe -submitC、certutil.exe -getkeyD、certutil.exe -pulse
考题
You install a standalone root certification authority (CA) on a server named Server1. You need to ensure that every computer in the forest has a copy of the root CA certificate installed in the local computer’s Trusted Root Certification Authorities store. Which command should you run on Server1()A、certreq.exe and specify the -accept parameterB、certreq.exe and specify the -retrieve parameterC、certutil.exe and specify the -dspublish parameterD、certutil.exe and specify the -importcert parameter
考题
单选题Your network contains one Active Directory domain. You have a member server named Server1 that runs Windows Server 2008 R2. The server has the Routing and Remote Access Services role service installed.You implement Network Access Protection (NAP) for the domain.You need to configure the Point-to-Point Protocol (PPP) authentication method on Server1. Which authentication method should you use?()A
Challenge Handshake Authentication Protocol (CHAP)B
Extensible Authentication Protocol (EAP)C
Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAP v2)D
Password Authentication Protocol (PAP)
考题
单选题You have a server named Server1 that runs Windows Server 2012 R2. You plan to create an image of Server1. You need to remove the source files for all server roles that are not installed on Server1. Which tool should you use?()A
servermanagercmd.exeB
imagex.exeC
dism.exeD
ocsetup.exe
考题
单选题Your network contains a stand-alone root certification authority (CA). You have a server named Server1 that runs Windows Server 2008 R2. You issue a server certificate to Server1. You deploy Secure Socket Tunneling Protocol (SSTP) on Server1. You need to recommend a solution that allows external partner computers to access internalnetwork resources by using SSTP. What should you recommend?()A
Enable Network Access Protection (NAP) on the network.B
Deploy the Root CA certificate to the external computers.C
Implement the Remote Desktop Connection Broker role service.D
Configure the firewall to allow inbound traffic on TCP Port 1723.
热门标签
最新试卷
