单选题You need to design a method to deploy security configuration settings to servers. What should you do?()ARun the Resultant Set of Policy wizard with a Windows Management Instrumentation (WMI) filter on each department’s Server OUBLog on to each server and use local policy to configure and manage the security settingsCCreate a customer security template. Log on to a domain controller and run the seceditcommand to import the security templateDCreate a customer security template. Create a GPO and import the security template. Link the GPO to each department’s Server OU
单选题
You need to design a method to deploy security configuration settings to servers. What should you do?()
A
Run the Resultant Set of Policy wizard with a Windows Management Instrumentation (WMI) filter on each department’s Server OU
B
Log on to each server and use local policy to configure and manage the security settings
C
Create a customer security template. Log on to a domain controller and run the seceditcommand to import the security template
D
Create a customer security template. Create a GPO and import the security template. Link the GPO to each department’s Server OU
参考解析
解析:
暂无解析
相关考题:
Your company has a single Active Directory Domain Services (AD DS) domain and 1,000 Windows Vista computers. You are planning to deploy Windows 7 and a custom application. You have the following requirements: The application must be available to only a specific group of users. You must be able to monitor application usage. You need to design a deployment method for the custom application that meets the requirements. Which deployment method should you use in your design?()A、software installation in Group PolicyB、startup scripts in Group PolicyC、Microsoft Application Virtualization (App-V)D、baseline Windows 7 image that includes the custom application
You need to design a method to standardize and deploy a baseline security configuration for servers. You solution must meet business requirements. What should you do?()A、Create a script that installs the Hisecdc.inf security templateB、Use a GPO to distribute and apply the Hisec.inf security templateC、Use the System Policy Editor to configure each server’s security settingsD、Use a GPO to distribute and apply a custom security template
You are the network administrator for your company. The network consists of a single Active Directory domain. The network contains 50 application servers that run Windows Server 2003. The security configuration of the application servers is not uniform. The application servers were deployed by local administrators who configured the settings for each of the application servers differently based on their knowledge and skills. The application servers are configured with different authentication methods, audit settings, and account policy settings. The security team recently completed a new network security design. The design includes a baseline configuration for security settings on all servers. The baseline security settings use the Hisecws.inf predefined security template. The design also requires modified settings for servers in an application role. These settings include system service startup requirements, renaming the administrator account, and more stringent account lockout policies. The security team created a security template named Application.inf that contains the modified settings. You need to plan the deployment of the new security design. You need to ensure that all security settings for the application servers are standardized, and that after the deployment, the security settings on all application servers meet the design requirements. What should you do? ()A、 Apply the Setup security.inf template first, the Hisecws.inf template next, and then the Application.inf template.B、 Apply the Application.inf template and then the Hisecws.inf template.C、 Apply the Application.inf template first, the Setup security.inf template next, and then the Hisecws.inf template.D、 Apply the Setup security.inf template and then the Application.inf template.
You are planning a Windows 7 deployment infrastructure for a new company. You have the following requirements: Three domains 10,000 client computers No user interaction You need to recommend a deployment infrastructure. What should you recommend?()A、Deploy Microsoft Deployment Toolkit (MDT) 2010. Design a zero-touch installation.B、Deploy Microsoft System Center Virtual Machine Manager. Design a lite-touch installation.C、Deploy Microsoft System Center Operations Manager 2007 R2. Design a lite-touch installation. D、Deploy Microsoft System Center Configuration Manager 2007 R2. Design a zero-touch installation.
You need to design a method to address the chief information officer’s security concerns. What should you do?()A、Configure Windows Management Instrumentation (WMI) filtering options in the Default Domain Policy GPOB、Use the gpresult commandC、Use Mbsacli.exeD、Configure software restriction policy options in the Default Domain Policy GPO
You need to design a security patch management strategy. Your solution must meet business and security requirements, and it must accommodate the company’s resource restrictions. What should you do?()A、Test and manually deploy updatesB、Deploy a Software Update Services (SUS) server. Test all updates and then approve them. Configure all client computers to automatically obtain updates from the serverC、Test all updates and then use a third-party utility to repackage updates in a Windows Installer file. Deploy the -.msi files by using Group PolicyD、Configure all client computers to use Automatic Updates to obtain security updates from the Windows Update Web site. Test all updates posted to the Windows Update Web site
You need to design a method to enable remote encryption on Server5. What should you do?()A、Configure the editor’s user account properties to enable Store password using reversible encryptionB、Configure the editor’s user account properties to enable Use DES encryption for this accountC、Configure the Local Security Policy on Server to enable the System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing security policyD、Configure the Server5 computer account properties to enable Trust computer for delegation
You have an Exchange Server 2010 organization that consists of 50 Exchange Server 2010 servers. Your companys security policy states that approved Exchange and Windows Server patches and securityupdates must be applied to all Exchange servers within one week of being released. You need to recommend a patch management solution that meets the following requirements: .Allow administrators to manually approve patches and security updates .Allow only the installation of approved patches and security updates .Minimize the administrative effort to deploy patches .Minimize the deployment costs What should you include in the solution?()A、Microsoft UpdateB、Microsoft System Center Configuration ManagerC、Windows Server Update ServicesD、Windows Update
You are creating a Windows Communication Foundation (WCF) service based on WSHttpBinding. New audit requirements dictate that callers must be authenticated on every call to ensure that their credentials have not been revoked.You need to ensure that the service will not cache the security request token. What should you do?()A、Apply a ServiceBehavior attribute to the service implementation class with the lnstanceContextMode property set to Single.B、In the message security configuration, change clientCredentialType from lssuedToken to UserNameC、In the message security configuration, set establishSecurityContext to false.D、At the end of every operation, call the SessionStateUtility.RaiseSessionEnd method.
You deploy mobile devices that run Microsoft Windows Mobile 5.0. Company security policy requires an authentication process that is stronger than a user name and password combination. You need to ensure that Microsoft ActiveSync sessions use an authentication process that meets the company security policy. What should you do?()A、Deploy a two-factor authentication process.B、Deploy a single-factor authentication process.C、Deploy a simple PIN policy for the Windows Mobilebased devices.D、Deploy a complex PIN policy for the Windows Mobilebased devices.
You need to ensure that all servers meet the company’s security requirements. Which tool should you use?()A、Microsoft Baseline Security Analyzer (MBSA)B、Microsoft Security Assessment Tool (MSAT)C、Resultant Set of Policy (RSoP)D、Security Configuration Wizard (SCW)
You have a server that runs Windows Server 2003 Service Pack 2 (SP2).You need to compare the current security settings of the server to a security template. Which tool should you use?()A、Security Templates snap-in B、Group Policy Management Console C、Security Configuration and Analysis snap-in D、Microsoft Baseline Security Analyzer (MBSA)
You need to design a method to automate the deployment of critical updates and security patches that are supplied by Microsoft as these updates and security patches are released. Your solution must meet technical requirements. What should you do?()A、Deploy a Windows Server 2003 computer running SUS in the test network. Deploy SUS servers in each child domain to download administrator-approved updates from the test network SUS serverB、Deploy a Windows Server 2003 computer running SUS in the test network Use autoupdate policies in each child domain to download and deploy updates from the test network SUS serverC、Install MBSA on a Windows Server 2003 computer in the network network. Deploy MBSA as a Windows Installer package to all computers in the child domains, and configure MBSA to scan for updates from the server in the test networkD、Install IIS on a Windows Server 2003 computer in the test network. Create a Web site named Updates on this server. Configure an autoupdate policy in each child domain to download and deploy updates from the Updates Web site
You have two stand-alone servers named Server1 and Server2. Both servers run Windows Server 2003 Service Pack 2 (SP2).On Server1, you save the local security policy as a template. You need to import the template to Server2. What should you run on Server2?()A、the Security Templates snap-inB、the Security Configuration WizardC、the Microsoft Baseline Security AnalyzerD、the Security Configuration and Analysis snap-in
You need to recommend a configuration design for the new VMs. The design must ensure that operating systems can be deployed to the new VMs. What should you include in the recommendation?()A、virtual machine queue (VMQ)B、Virtual Machine ChimneyC、a synthetic network adapterD、an emulated network adapter
You need to design a strategy to ensure that all servers are in compliance with the business requirements for maintaining security patches. What should you do?()A、Log on to a domain controller and run the Resultant Set of Policy wizard in planning mode on the domainB、Log on to each server and run Security Configuration and Analysis to analyze the security settings by using a custom security templateC、Create a logon script to run the secedit command to analyze all servers in the domainD、Run the Microsoft Baseline Security Analyzer (MBSA) on a server to scan for Windows vulnerabilities on all servers in the domain
单选题You need to ensure that all servers meet the company’s security requirements. Which tool should you use?()AMicrosoft Baseline Security Analyzer (MBSA)BMicrosoft Security Assessment Tool (MSAT)CResultant Set of Policy (RSoP)DSecurity Configuration Wizard (SCW)
多选题You have a single Active Directory directory service forest named contoso.com. You create baseline security settings for a group of computers, and you store the settings in a database. You deploy thebaseline security settings. You need to confirm that the security settings on one of the computers are applied correctly. What are two possible commands that you can run to achieve this goal?()AseceditBgpupdateCnetdomDscwcmd
单选题Your company has a single Active Directory Domain Services (AD DS) domain and 1,000 client computers. You are planning to deploy Windows 7 Enterprise to the client computers. You need to design a zero-touch installation strategy.()Aunattended installationBcustom Windows 7 image on DVDCWindows Deployment Services (WDS)DMicrosoft System Center Configuration Manager 2007 R2
单选题You are the network administrator for your company. The network consists of a single Active Directory domain. The network contains 50 application servers that run Windows Server 2003. The security configuration of the application servers is not uniform. The application servers were deployed by local administrators who configured the settings for each of the application servers differently based on their knowledge and skills. The application servers are configured with different authentication methods, audit settings, and account policy settings. The security team recently completed a new network security design. The design includes a baseline configuration for security settings on all servers. The baseline security settings use the Hisecws.inf predefined security template. The design also requires modified settings for servers in an application role. These settings include system service startup requirements, renaming the administrator account, and more stringent account lockout policies. The security team created a security template named Application.inf that contains the modified settings. You need to plan the deployment of the new security design. You need to ensure that all security settings for the application servers are standardized, and that after the deployment, the security settings on all application servers meet the design requirements. What should you do? ()A Apply the Setup security.inf template first, the Hisecws.inf template next, and then the Application.inf template.B Apply the Application.inf template and then the Hisecws.inf template.C Apply the Application.inf template first, the Setup security.inf template next, and then the Hisecws.inf template.D Apply the Setup security.inf template and then the Application.inf template.
单选题You need to recommend a NAP enforcement method that meets the companyˉs security requirements. Which method should you recommend?()A802.1XBDHCPCIPSecDVPN
单选题Your network has 1,000 client computers that run Windows XP. You are planning to deploy Windows 7. You plan to use the Microsoft Deployment Toolkit Lite Touch Installation deployment method to deploy the Windows 7 image. You have the following requirements: Migrate 20 computers at a time. Ensure that you conserve network bandwidth. You need to design a deployment strategy that meets the requirements. What should you do?()AConfigure multicast transmission on the deployment point.BConfigure unicast transmission on the deployment point.CCompress the contents of the distribution folder.DDistribute the image by using Background Intelligent Transfer Service (BITS).
单选题You have two stand-alone servers named Server1 and Server2. Both servers run Windows Server 2003 Service Pack 2 (SP2).On Server1, you save the local security policy as a template. You need to import the template to Server2. What should you run on Server2?()Athe Security Templates snap-inBthe Security Configuration WizardCthe Microsoft Baseline Security AnalyzerDthe Security Configuration and Analysis snap-in
单选题You need to design a method to automate the deployment of critical updates and security patches that are supplied by Microsoft as these updates and security patches are released. Your solution must meet technical requirements. What should you do?()ADeploy a Windows Server 2003 computer running SUS in the test network. Deploy SUS servers in each child domain to download administrator-approved updates from the test network SUS serverBDeploy a Windows Server 2003 computer running SUS in the test network Use autoupdate policies in each child domain to download and deploy updates from the test network SUS serverCInstall MBSA on a Windows Server 2003 computer in the network network. Deploy MBSA as a Windows Installer package to all computers in the child domains, and configure MBSA to scan for updates from the server in the test networkDInstall IIS on a Windows Server 2003 computer in the test network. Create a Web site named Updates on this server. Configure an autoupdate policy in each child domain to download and deploy updates from the Updates Web site
单选题You are creating a Windows Communication Foundation (WCF) service based on WSHttpBinding. New audit requirements dictate that callers must be authenticated on every call to ensure that their credentials have not been revoked.You need to ensure that the service will not cache the security request token. What should you do?()AApply a ServiceBehavior attribute to the service implementation class with the lnstanceContextMode property set to Single.BIn the message security configuration, change clientCredentialType from lssuedToken to UserNameCIn the message security configuration, set establishSecurityContext to false.DAt the end of every operation, call the SessionStateUtility.RaiseSessionEnd method.
单选题You are designing a Windows Azure solution. The solution will be used by multiple customers. Each customer has different business logic and user interface requirements. Not all customers use the same version of the .NET runtime. You need to recommend a deployment strategy. What should you recommend?()A Deploy in a multitenant configuration.B Deploy in a single-tenant configuration.C Deploy with multiple web role instances.D Deploy with multiple worker role instances.
单选题You need to design a method to monitor the security configuration of the IIS server to meet the requirements in the written security policy. What should you do?()ALog on to a domain controller and run the Resultant Set of Policy wizard in planning mode on the IIS server computer accountBRun the Microsoft Baseline Security Analyzer (MBSA) on the IIS server and scan for vulnerabilities in Windows and IIS checksCRun Security Configuration and Analysis to analyze the IIS server’s security settings by using a custom security templateDOn the IIS server, run the gpresult command from a command prompt and analyze the output