网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
单选题
You are a network administrator for your company. All domain controllers run Windows Server 2003. The network contains 50 Windows 98 client computers, 300 Windows 2000 Professional computers, and 150 Windows XP Professional computers. According to the network design specification, the Kerberos version 5 authentication protocol must be used for all client computers on the internal network. You need to ensure that Kerberos version 5 authentication is used for all client computers on the internal network. What should you do? ()
A
On each domain controller, disable Server Message Block (SMB) signing and encryption of the secure channel traffic.
B
Replace all Windows 98 computers with new Windows XP Professional computers.
C
Install the Active Directory Client Extensions software on the Windows 98 computers.
D
Upgrade all Windows 98 computers to Windows NT Workstation 4.0.
参考答案
参考解析
解析:
暂无解析
更多 “单选题You are a network administrator for your company. All domain controllers run Windows Server 2003. The network contains 50 Windows 98 client computers, 300 Windows 2000 Professional computers, and 150 Windows XP Professional computers. According to the network design specification, the Kerberos version 5 authentication protocol must be used for all client computers on the internal network. You need to ensure that Kerberos version 5 authentication is used for all client computers on the internal network. What should you do? ()A On each domain controller, disable Server Message Block (SMB) signing and encryption of the secure channel traffic. B Replace all Windows 98 computers with new Windows XP Professional computers. C Install the Active Directory Client Extensions software on the Windows 98 computers. D Upgrade all Windows 98 computers to Windows NT Workstation 4.0.” 相关考题
考题
You are the network administrator for your company. The network originally consists of a single Windows NT 4.0 domain.You upgrade the domain to a single Active Directory domain. All network servers now run Windows Server 2003, and all client computers run Windows XP Professional.Your staff provides technical support to the network. They frequently establish Remote Desktop connections with a domain controller named DC1.You hire 25 new support specialists for your staff. You use Csvde.exe to create Active Directory user accounts for all 25.A new support specialist named Paul reports that he cannot establish a Remote Desktop connection with DC1. He receives the message shown in the Logon Message exhibit. (Click the Exhibit button.)You open Gpedit.msc on DC1. You see the display shown in the Security Policy exhibit. (Click the Exhibit button.)You need to ensure that Paul can establish Remote Desktop connections with DC1.What should you do? ()
考题
You are an administrator of Ezonexam.com's network. You want to perform. routine upgrades on your Windows 2000 Server computer. You use your non-administrator user account in the domain to logon to the server.You want to upgrade all of the critical system files and patches on the server in the shortest possible time.What should you do?A.Use Windows Update.B.Run System File Checker.C.Log on as administrator and run Windows Update.D.Log on as administrator and run System File Checker.
考题
Your network consists of a single Active Directory domain. The functional level of the domain is Windows Server 2008 R2. All servers run Windows Server 2008 R2. A corporate security policy requires complex passwords for user accounts that have administrator privileges. You need to design a strategy that meets the following requirements: èEnsures that administrators use complex passwords èMinimizes the number of servers required to support the solution What should you include in your design?()A、Implement Network Access Protection (NAP).B、Implement Active Directory Rights Management Services (AD RMS).C、Create a new Password Settings Object (PSO) for administrator accounts.D、Create a new child domain in the forest. Move all non-administrator accounts to the new domain.Configure a complex password policy in the root domain.
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. All computers on the network are members of the domain. The domain contains a Windows Server 2003 computer named Server1. You are planning a public key infrastructure (PKI) for the company. You want to deploy a certification authority (CA) on Server1. You create a new global security group named Cert Administrators. You need to delegate the tasks to issue, approve, and revoke certificates to members of the Cert Administrators group. What should you do?()A、 Add the Cert Administrators group to the Cert Publishers group in the domain.B、 Configure the Certificates Templates container in the Active Directory configuration naming context to assign the Cert Administrators group the Allow - Write permission.C、 Configure the CertSrv virtual directory on Server1 to assign the Cert Administrators group the Allow - Modify permission.D、 Assign the Certificate Managers role to the Cert Administrators group.
考题
ou are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional.Two of the servers on the network contain highly confidential documents. The company’s written security policy states that all network connections with these servers must be encrypted by using an IPSec policy.You place the two servers in an organizational unit (OU) named SecureServers. You configure a Group Policy object (GPO) that requires encryption for all connections. You assign the GPO to the SecureServers OU. You need to verify that users are connecting to the two servers by using encrypted connections. What should you do?()A、Run the net view command.B、Run the gpresult command.C、Use the IP Security Monitor console.D、Use the IPSec Policy Management console.
考题
You are a network administrator for your company. All domain controllers run Windows Server 2003. The network contains 50 Windows 98 client computers, 300 Windows 2000 Professional computers, and 150 Windows XP Professional computers. According to the network design specification, the Kerberos version 5 authentication protocol must be used for all client computers on the internal network. You need to ensure that Kerberos version 5 authentication is used for all client computers on the internal network. What should you do? ()A、 On each domain controller, disable Server Message Block (SMB) signing and encryption of the secure channel traffic.B、 Replace all Windows 98 computers with new Windows XP Professional computers.C、 Install the Active Directory Client Extensions software on the Windows 98 computers.D、 Upgrade all Windows 98 computers to Windows NT Workstation 4.0.
考题
You are the administrator of your company’s network. You run the English (US) edition of Windows 2000 Professional on all computers in your network. As your company continues to grow, and the number of computers is continually expanding, you decide that another domain is needed. Management asks you about what is required to accommodate this new domain. What should you answer the Management in this regard? ()A、WINS, DHCP and DNSB、At least one domain controller and one DNS server.C、At least one domain controller, Active Directory and DNS server.D、Nothing more is needed.E、Nothing more is needed, we can just subnet the network.
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. The domain contains 35 Windows Server 2003 computers; 3,000 Windows XP Professional computers; and 2,000 Windows 2000 Professional computers.Windows Server Update Services (WSUS) is installed on a server named Server1. The necessary Group Policy object (GPO)is configured.You need to confirm whether all computers in the domain have received all approved updates from Server1. What should you do on Server1?()A、Install and configure Urlscan.exe.B、At the command prompt, type gpresult /scope COMPUTER.C、Open the WSUS console. Run the Status of Computers report.D、Open the WSUS console. Run the Synchronization Results report.
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. All computers on the network are members of the domain. All servers run Windows Server 2003 and all client computers run Windows XP Professional. You are planning a security update infrastructure. You need to find out which computers are exposed to known vulnerabilities. You need to collect the information on existing vulnerabilities for each computer every night. You want this process to occur automatically. What should you do? ()A、 Schedule the secedit command to run every night.B、 Schedule the mbsacli.exe command to run every night.C、 Install Microsoft Baseline Security Analyzer (MBSA) on one of the servers. Configure Automatic Updates on all other computers to use that server.D、 Install Software Update Services (SUS) on one of the servers. Configure the SUS server to update every night.
考题
You are a network administrator for your company. The network consists of a single Active Directory domain. The domain contains three Windows Server 2003 domain controllers, 20 Windows Server 2003 member servers, and 750 Windows XP Professional computers. The domain is configured to use only Kerberos authentication for all server connections.A user reports that she receives an "Access denied" error message when she attempts to connect to one of the member servers. You want to test the functionality of Kerberos authentication on the user’s client computer. Which command should you run from the command prompt on the user’s computer?()A、netshB、netdiagC、ktpassD、ksetup
考题
You are the network administrator for your company. Your network consists of a single Active Directory domain named All network servers run Windows Server 2003. A total of three servers are configured as domain controllers. You need to restore a failed domain controller named DC3. The last backup for any domain controller on the network occurred one week ago. First, you reinstall Windows Server 2003 on DC3. What should you do next?()A、Start DC3 and select Directory Services Restore Mode. Perform a nonauthoriative restoration.B、Start DC3 and select the Recovery Console. Perform a nonauthoriative restoration.C、Run Ntbackup.exe on DC3 to restore the System State data.D、Run the Active Directory Installation Wizard on DC3.
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. You need to update six high-visibility servers with critical updates by using Windows Server Update Services (WSUS). You approve all of the updates.You need to ensure that the updates are applied within one hour. What should you do?()A、On the WSUS server, type the gpupdate /force command at the command prompt.B、On the WSUS server, type the wuauclt /detectnow command at the command prompt.C、On each of the six servers, type the gpupdate /force command at the command prompt.D、On each of the six servers, type the wuauclt /detectnow command at the command prompt.
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. All domain controllers run Windows Server 2003, and each one has a locally attached tape device. You need to back up each domain controller. Your backup process must fulfill the following requirements: System recovery must be possible in the event of server failure. The system configuration and all current dynamic disk configurations must be backed up. Other data partitions do not need to be backed up. What should you do?()A、Use the Backup utility to back up the system files and to create an Automated System Recovery (ASR) disk.B、Use the Backup utility to back up the contents of all mounted drives.C、Use the Backup utility to back up only the System State data.D、Use the Copy command to copy C:/windows and its subfolders to a shared folder on the network.E、Use the Xcopy command to copy C:/windows and its subfolders to a shared folder on the network.
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. All domain controllers run Windows Server 2003. All client computers run Windows XP Professional. The company has legacy applications that run on UNIX servers. The legacy applications use the LDAP protocol to query Active Directory for employee information. The domain controllers are currently configured with the default security settings. You need to configure enhanced security for the domain controllers. In particular, you want to configure stronger password settings, audit settings, and lockout settings. You want to minimize interference with the proper functioning of the legacy applications. You decide to use the predefined security templates. You need to choose the appropriate predefined security template to apply to the domain controllers. What should you do?()A、 Apply the Setup security.inf template to the domain controllers.B、 Apply the DC security.inf template to the domain controllers.C、 Apply the Securedc.inf template to the domain controllers.D、 Apply the Rootsec.inf template to the domain controllers.
考题
You are the network administrator for your company. The network contains a single Active Directory domain. All computers on the network are members of the domain. All domain controllers run Windows Server 2003. You are planning a public key infrastructure (PKI). The PKI design documents for your company specify that certificates that users request to encrypt files must have a validity period of two years. The validity period of a Basic EFS certificate is one year. In the Certificates Templates console, you attempt to change the validity period for the Basic EFS certificate template. However, the console does not allow you to change the value. You need to ensure that you can change the value of the validity period of the certificate that users request to encrypt files. What should you do? ()A、 Install an enterprise certification authority (CA) in each domain.B、 Assign the Domain Admins group the Allow - Full Control permission for the Basic EFS certificate template.C、 Create a duplicate of the Basic EFS certificate template. Enable the new template for issuing certificate authorities.D、 Instruct users to connect to the certification authority (CA) Web enrollment pages to request a Basic EFS certificate.
考题
单选题You are the network administrator for your company. The network contains a single Active Directory domain. All computers on the network are members of the domain. All domain controllers run Windows Server 2003. You are planning a public key infrastructure (PKI). The PKI design documents for your company specify that certificates that users request to encrypt files must have a validity period of two years. The validity period of a Basic EFS certificate is one year. In the Certificates Templates console, you attempt to change the validity period for the Basic EFS certificate template. However, the console does not allow you to change the value. You need to ensure that you can change the value of the validity period of the certificate that users request to encrypt files. What should you do? ()A
Install an enterprise certification authority (CA) in each domain.B
Assign the Domain Admins group the Allow - Full Control permission for the Basic EFS certificate template.C
Create a duplicate of the Basic EFS certificate template. Enable the new template for issuing certificate authorities.D
Instruct users to connect to the certification authority (CA) Web enrollment pages to request a Basic EFS certificate.
考题
单选题You are the network administrator for your company. The network consists of a single Active Directory domain. All network servers run Windows Server 2003. The domain contains three domain controllers: DC1, DC2, and DC3. Each one hosts user data. DC1 experiences hard disk failure. You need to temporarily restore the user data to DC2. Which type of restoration should you perform? ()A
Automated System Recovery (ASR)B
normalC
primaryD
authoritative
考题
单选题You are the network administrator for your company. The network consists of a single Active Directorydomain. All domain controllers run Windows Server 2003. All client computers run Windows XP Professional with default settings. Some users have portable computers, and the rest have desktop computers.You need to ensure that all users are authenticated by a domain controller when they log on.How should you modify the local security policy? ()A
Require authentication by a domain controller to unlock the client computer.B
Cache zero interactive logons.C
Cache 50 interactive logons.D
Grant the Log on locally user right to the Users group.
考题
单选题You are a help desk technician for your company. Your company’s network includes an Active Directory domain and Windows XP Professional computers that are configured as members of the domain. Company policy prohibits users from accessing their computers unless they are authenticated by a domain controller. However, users report that they can log on to their computers, even though a network administrator has told them that a domain controller is not available. As a test, you log off of your computer and disconnect it from the network. You discover that you can log on by using your domain user account. You need to ensure that users cannot access their computers unless they are authenticated by a domain controller. How should you configure the local computer policy on these computers? ()A
Enable the Require domain controller to unlock policy.B
Set the Number of previous logons to cache policy to 0. C
Remove all user and group accounts from the Log on locally user right. D
Remove all user and group accounts from the Access this computer from the network user right.
考题
单选题You are the network administrator for . The network consists of a single Active Directory domain. All domain controllers run Windows Server 2003, and all client computers run Windows XP Professional. TestKing acquires a subsidiary. You receive a comma delimited file that contains the names of all user accounts at the subsidiary. You need to import these accounts into your domain. Which command should you use?()A
ldifdeB
csvdeC
ntdsutil with the authoritative restore optionD
dsadd user
考题
多选题You are the systems engineer for your company. The network consists of three physical networks connected by hardware-based routers. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional. Each physical network contains at least one domain controller and at least one DNS server. One physical network contains a Microsoft Internet Security and Acceleration (ISA) Server array that provides Internet access for the entire company. The network also contains a certificate server. Company management wants to ensure that all data is encrypted on the network and that all computers transmitting data on the network are authenticated. You decide to implement IPSec on all computers on the network. You edit the Default Domain Policy Group Policy object (GPO) to apply the Secure Server (Require Security) IPSec policy. Users immediately report that they cannot access resources located in remote networks. You investigate and discover that all packets are being dropped by the routers. You also discover that Active Directory replication is not functioning between domain controllers in different networks. You need to revise your design and implementation to allow computers to communicate across the entire network. You also need to ensure that the authentication keys are stored encrypted. Which two actions should you take?()AConfigure the routers to use IPSec and a preshared key for authentication.BConfigure the routers to use IPSec and a certificate for authentication.CConfigure the routers to use IPSec and Kerberos for authenticationDReconfigure the GPOs to require a preshared key for IPSec authentication.EReconfigure the GPOs to require a certificate for IPSec authentication.
考题
单选题Your network contains a single Active Directory domain. All servers on the network are members of the domain. You have a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). Server1 has two NTFS partitions. You create and share a folder named Data in the root of a partition on Server1. You log on to your computer by using the domain Administrator account and discover that you cannot modify files in the Data share. You need to ensure that the Administrator can modify files in the Data share. The solution must use the minimum amount of permissions. What should you do? ()A
Modify the NTFS permissions on the Data folder.B
Modify the share permissions on the Data share.C
Add the domain administrator to the local Administrator’s group on Server1.D
Move the Data folder to a new file allocation table (FAT) partition. Share the folder by using the default permissions.
考题
单选题You are the network administrator for your company. The network consists of a single Active Directory domain. All computers on the network are members of the domain. The domain contains a Windows Server 2003 computer named Server1. You are planning a public key infrastructure (PKI) for the company. You want to deploy a certification authority (CA) on Server1. You create a new global security group named Cert Administrators. You need to delegate the tasks to issue, approve, and revoke certificates to members of the Cert Administrators group. What should you do?()A
Add the Cert Administrators group to the Cert Publishers group in the domain.B
Configure the Certificates Templates container in the Active Directory configuration naming context to assign the Cert Administrators group the Allow - Write permission.C
Configure the CertSrv virtual directory on Server1 to assign the Cert Administrators group the Allow - Modify permission.D
Assign the Certificate Managers role to the Cert Administrators group.
考题
单选题You are the network administrator for your company. All network servers run Windows Server 2003. All client computers run Windows XP Professional. A member server named Server1 is located at a branch office that does not permit the use of Remote Desktop Protocol. Another administrator uses the Backup utility to create a scheduled backup job on Server1. The backup job performs a normal backup of an application server. The application server is removed from the network. You need to use a client computer to remove the backup job from Server1. You cannot travel to the branch office. What should you do? ()A
Use the RUNAS feature to run the at /delete command as the Server1/Administrator account.B
Log on by using your Administrator account and run the ntbackup /D command.C
Log on by using your Administrator account and run the schtasks /delete command.D
Use the RUNAS feature to run the taskkill command as the Server1/Administrator account.
考题
单选题You are the network administrator for your company. The network consists of a single Active Directory domain. All network servers run Windows Server 2003. The domain contains three domain controllers: DC1, DC2, and DC3. Each one hosts user data. DC1 experiences hard disk failure. You need to temporarily restore the user data to DC2. Which type of restoration should you perform? ()A
Automated System Recovery (ASR)B
normalC
primaryD
authoritative
热门标签
最新试卷
