单选题You are a security administrator for your company. The network consists of a single Active Directory domain. All client computers run Windows XP Professional. All servers run Windows Server 2003. All computers on the network are members of the domain. Traffic on the network is encrypted by IPSec. The domain contains a custom IPSec policy named Lan Security that applies to all computers in the domain. The Lan Security policy does not allow unsecured communication with non-lPSec-aware computers. The company’s written security policy states that the configuration of the domain and the configuration of the Lan Security policy must not be changed. The domain contains a multihomed server named Server1. Server1 isconnected to the company network, and Server1 is also connected to a test network. Currently, the Lan Security IPSec policy applies to network traffic on both network adapters in Server1. You need to configure Server1 so that it communicates on the test network without IPSec security. Server1 must still use the Lan Security policy when it communicates on the company network. How should you configure Server1?()A Configure a packet filter for the network adapter on the test network to block the Internet Key Exchange (IKE) port.B Configure the network adapter on the test network to disable IEEE 802.1x authentication.C Configure the network adapter on the test network to enable TCP/IP filtering, and then permit all traffic.D Use the netsh command to assign a persistent IPSec policy that permits all traffic on the network adapter on the test.E Assign an IPSec policy in the local computer policy that permits all traffic on the network adapter on the test.
单选题
You are a security administrator for your company. The network consists of a single Active Directory domain. All client computers run Windows XP Professional. All servers run Windows Server 2003. All computers on the network are members of the domain. Traffic on the network is encrypted by IPSec. The domain contains a custom IPSec policy named Lan Security that applies to all computers in the domain. The Lan Security policy does not allow unsecured communication with non-lPSec-aware computers. The company’s written security policy states that the configuration of the domain and the configuration of the Lan Security policy must not be changed. The domain contains a multihomed server named Server1. Server1 isconnected to the company network, and Server1 is also connected to a test network. Currently, the Lan Security IPSec policy applies to network traffic on both network adapters in Server1. You need to configure Server1 so that it communicates on the test network without IPSec security. Server1 must still use the Lan Security policy when it communicates on the company network. How should you configure Server1?()
A
Configure a packet filter for the network adapter on the test network to block the Internet Key Exchange (IKE) port.
B
Configure the network adapter on the test network to disable IEEE 802.1x authentication.
C
Configure the network adapter on the test network to enable TCP/IP filtering, and then permit all traffic.
D
Use the netsh command to assign a persistent IPSec policy that permits all traffic on the network adapter on the test.
E
Assign an IPSec policy in the local computer policy that permits all traffic on the network adapter on the test.
参考解析
解析:
暂无解析
相关考题:
According to your resume, you have had some experience working in a foreign company. May I ask you why you left?
You work as a network administrator in your company. Communication inside the company is ensured by network environments, such as GET VPN, Dynamic Multipoint VPN and Ethernet.Which PIN architecture is applicable in those environments?()A.CampusB.TeleworkerC.BranchD.Data center
You have a share on your local computer. This share contains some sensitive applications in theform of .exe files. You want to audit the users who are trying to execute these programs. What should you do?()A、Turn on auditing for objects in the Local Security Policy and Select 'Process Tracking'.B、Turn on auditing for objects in the Local Security Policy and Select 'Object Access'.C、Use Windows Explorer to turn on auditing for the specific files. D、Have the administrator for domains log you on as an administrator and enable auditing for a specific file.E、Turn on auditing for objects in the Local Security Policy and Select 'Account Management'.F、Allow only one account at a time to log on to your shared folder. Check the event viewer to see who logged on.
You work as a network administrator in your company. Communication inside the company is ensured by network environments, such as GET VPN, Dynamic Multipoint VPN and Ethernet. Which PIN architecture is applicable in those environments?()A、CampusB、TeleworkerC、BranchD、Data center
You are a security administrator for your company. All servers run Windows Server 2003. All client computers run Windows XP Professional. You install Software Update Services (SUS) on a server named Server1. The company’s written security policy states that all updates must be tested and approved before they are installed on network computers. You need to ensure that SUS uses the minimum amount of disk space on Server1. What should you do?()A、 Configure Server1 to redirect client computers to the Microsoft Windows Update servers.B、 Compress the folder in which the downloaded updates are stored.C、 Configure Server1 to store only the locales that are needed.D、 Download the updates, and then delete updates that are not approved for client computers.
You are the network administrator for your company. The network consists of a single Active Directory domain. The network contains 50 application servers that run Windows Server 2003. The security configuration of the application servers is not uniform. The application servers were deployed by local administrators who configured the settings for each of the application servers differently based on their knowledge and skills. The application servers are configured with different authentication methods, audit settings, and account policy settings. The security team recently completed a new network security design. The design includes a baseline configuration for security settings on all servers. The baseline security settings use the Hisecws.inf predefined security template. The design also requires modified settings for servers in an application role. These settings include system service startup requirements, renaming the administrator account, and more stringent account lockout policies. The security team created a security template named Application.inf that contains the modified settings. You need to plan the deployment of the new security design. You need to ensure that all security settings for the application servers are standardized, and that after the deployment, the security settings on all application servers meet the design requirements. What should you do? ()A、 Apply the Setup security.inf template first, the Hisecws.inf template next, and then the Application.inf template.B、 Apply the Application.inf template and then the Hisecws.inf template.C、 Apply the Application.inf template first, the Setup security.inf template next, and then the Hisecws.inf template.D、 Apply the Setup security.inf template and then the Application.inf template.
You are the network administrator for your company. All servers run Windows Server 2003. Twenty company employees connect to a terminal server named Server2 to run applications and to gain access to the Internet.The 20 employees report that they receive security messages while browsing Internet Web sites. The employees report that they cannot modify the Internet Explorer security settings on their client computers while connected to Server2.You need to allow these 20 employees to modify the Internet Explorer security settings on their client computers while connected to Server2. What should you do?()A、Log on to Server2 as Administrator and add http:// to the list of trusted sites in Internet Explorer.B、Instruct the 20 employees to add http:// to the list of trusted sites in Internet Explorer on their client computers.C、Instruct the 20 employees to change the Internet Explorer privacy settings on their client computers to Low.D、Uninstall Internet Explorer Enhanced Security Configuration on Server2.
You are the desktop administrator for your company. The company's network contains 500 Windows XP Professional computers. The information security department releases a new security template named NewSec.inf. You import NewSec.inf into a security database named NewSec.sdb. You analyze the result, and you review the changes that the template makes. You examine the security policies that are defined in NewSec.inf. You discover that the settings in NewSec.inf have not been implemented on your computer. You need to ensure that the settings in NewSec.inf overwrite the settings in your computer's local security policy. What are two possible ways to achieve this goal?()A、Run the Secedit /configure /db C:/NewSec.sdb command.B、Run the Secedit /refreshpolicy machine_policy command.C、Copy NewSec.inf to the C:/Windows/Inf folder. D、Copy NewSec.sdb to the C:/Windows/System32/Microsoft/Protect folder. E、Use the Security Configuration and Analysis console to open NewSec.sdb and then to perform a Configure operation. F、Use the Security Configuration and Analysis console to export NewSec.sdb to the Defltwk.inf security template.
You are the administrator of your company’s network. You use Security Templates to configure a Security Policy on the Windows 2000 Professional Computers in the Sales organizational unit (OU). You notice that the Computers in the Sales OU are not downloading the Security Policy settings. On each computer, the Security Policy appears in the Local Computer Policy, but is not listed as the effective policy. You want all computers in the Sales OU to have the Security Policy listed as the effective policy. How should you accomplish this task? ()A、Use Security Templates to correct the setting and export the security file.B、Use Security Configuration and Analysis to import the security setting. Then create a Group policy object (GPO) for the Sales QU.C、Use Secedit /RefreshPolicy Machine_Policy command.D、Use the Basicwk.inf security file settings, save the security file, and then import the fileto theComputers.
You are a network administrator of an organization. Maria and John are your network assistant. You have grant then the rights to modify the user properties in the computer management. You want to audit the modification in user accounts. What should you do?()A、Turn on auditing for objects in the Local Security Policy and Select 'Process Tracking'.B、Turn on auditing for objects in the Local Security Policy and Select 'Object Access'. C、Use Windows Explorer to turn on auditing for the specific files.D、Have the administrator for domains log you on as an administrator and enable auditing for a specific file.E、Turn on auditing for objects in the Local Security Policy and Select 'Account Management'.F、Allow only one account at a time to log on to your shared folder. Check the event viewer to see who logged on.
You are a network administrator for ExamSheet.net's Windows 2000 network. Your computer is installed with Windows 2000 Professional. You schedule a task that will copy files from your computer to another computer on the network. You notice that the task is not completing correctly. You manually copy the files from your computer to other computers on the network without any errors. You verify that all of your other tasks are working correctly. You want the task to complete successfully. What should you do? ()A、Start the Remote Procedure Call (RPC) Locater service and configure the service to start automatically.B、Start the RunAs service and configure the service to start automatically.C、Configure the Task Scheduler service account to use the local Administrator account and password. Restart the service.D、Use Scheduled Tasks to configure the task to run under the security context of your account.
You have an Exchange Server 2010 organization. You have a global security group named Legal that contains all the members of your companys legaldepartment. The companys security policy states that the Legal group must be able to search all mailboxes for e-mailmessages that contain specific keywords. You need to recommend a solution for the organization that complies with the security policy. What should you include in the solution?()A、a Discovery Management role groupB、a legal holdC、administrator audit loggingD、Mailbox journaling
You are a security administrator for your company. The network consists of three Active Directory domains. All Active Directory domains are running at a Windows Server 2003 mode functionality level. Employees in the editorial department of your company need access to resources on file servers that are in each of the Active Directory domains. Each Active Directory domain in the company contains at least one editorial department employee user account. You need to create a single group named Company Editors that contains all editorial department employee user accounts and that has access to the resources on file server computers. What should you do?()A、 Create a global distribution group in the forest root domain and name it Company Editors.B、 Create a global security group in the forest root domain and name it Company Editors.C、 Create a universal distribution group in the forest root domain and name it Company Editors. D、 Create a universal security group in the forest root domain and name it Company Editors.
You are a network administrator for your company. The network consists of a single Active Directory domain. A user named Mary works in the information technology security department. Mary is a member of the ITSecurity global group. Mary reports that no one in the ITSecurity global group can access the security log from the console of a computer named Server1. You need to grant the ITSecurity global group the minimum rights necessary to view the security log on Server1. How should you modify the local security policy?()A、Assign the Generate security audits user right to the ITSecurity global group.B、Assign the Manage auditing and security logs user right to the ITSecurity global group.C、Assign the Allow logon through Terminal Services user right to the ITSecurity global group.D、Assign the Act as part of the operating system user right to the ITSecurity global group.
You are a security administrator for your company. The network consists of a single Active Directory domain. All servers run Windows 2003 Server. All client computers run Windows XP Professional. All computers are configured to use Automatic Updates to install updates without user intervention. Updates are scheduled to occur during o peak hours. During a security audit,you notice some client computers are not receiving updates on a regular basis. You verify that Automatic Updates is running on All client computers, and you verify that users cannot modify the Automatic Updates settings. You need to ensure that computers on your network receive all updates. What should you do?()A、 Enable the No auto-restart for scheduled Automatic Updates installations setting.B、 Disable the Specify intranet Microsoft update service location setting.C、 Enable the Remove access to use all Windows Update features setting.D、 Enable the Reschedule Automatic Updates scheduled installations setting.
You are a network administrator for your company. The network consists of a single Active Directory domain. A user named Mary works in the information technology (IT) security department. Mary is a member of the ITSecurity global group. Mary reports that no one in the ITSecurity global group can access the security log from the console of a computer named Server1. You need to grant the ITSecurity global group the minimum rights necessary to view the security log on Server1. How should you modify the local security policy?()A、Assign the Generate security audits user right to the ITSecurity global group.B、Assign the Manage auditing and security logs user right to the ITSecurity global group.C、Assign the Allow logon through Terminal Services user right to the ITSecurity global group.D、Assign the Act as part of the operating system user right to the ITSecurity global group.
You are the network administrator for your company. The network consists of a single Active Directory domain. All domain controllers run Windows Server 2003. All client computers run Windows XP Professional. The company has legacy applications that run on UNIX servers. The legacy applications use the LDAP protocol to query Active Directory for employee information. The domain controllers are currently configured with the default security settings. You need to configure enhanced security for the domain controllers. In particular, you want to configure stronger password settings, audit settings, and lockout settings. You want to minimize interference with the proper functioning of the legacy applications. You decide to use the predefined security templates. You need to choose the appropriate predefined security template to apply to the domain controllers. What should you do?()A、 Apply the Setup security.inf template to the domain controllers.B、 Apply the DC security.inf template to the domain controllers.C、 Apply the Securedc.inf template to the domain controllers.D、 Apply the Rootsec.inf template to the domain controllers.
问答题Practice 1 ● You work for a large company. You are going to be transferred to another department within your company. ● Write an email to all staff: ● telling them which department you are moving to ● saying when you will be moving department ● explaining what your new responsibility will be. ● Write 40-50 words.
多选题You have a share on your local computer. Someone has been intentionally damaging your files. You want to be able to know which account is doing this. What do you do? ()ATurn on auditing for objects in the Local Security Policy and Select 'Process Tracking'.BTurn on auditing for objects in the Local Security Policy and Select 'Object Access'.CUse Windows Explorer to turn on auditing for the specific files.DHave the administrator for domains log you on as an administrator and enable auditing for a specific file.ETurn on auditing for objects in the Local Security Policy and Select 'Account Management'.FAllow only one account at a time to log on to your shared folder. Check the event viewer to see who logged on.
单选题You have a share on your local computer. This share contains some sensitive applications in theform of .exe files. You want to audit the users who are trying to execute these programs. What should you do?()ATurn on auditing for objects in the Local Security Policy and Select 'Process Tracking'.BTurn on auditing for objects in the Local Security Policy and Select 'Object Access'.CUse Windows Explorer to turn on auditing for the specific files. DHave the administrator for domains log you on as an administrator and enable auditing for a specific file.ETurn on auditing for objects in the Local Security Policy and Select 'Account Management'.FAllow only one account at a time to log on to your shared folder. Check the event viewer to see who logged on.
单选题You are a security administrator for your company. The network consists of three Active Directory domains. All Active Directory domains are running at a Windows Server 2003 mode functionality level. Employees in the editorial department of your company need access to resources on file servers that are in each of the Active Directory domains. Each Active Directory domain in the company contains at least one editorial department employee user account. You need to create a single group named Company Editors that contains all editorial department employee user accounts and that has access to the resources on file server computers. What should you do?()A Create a global distribution group in the forest root domain and name it Company Editors.B Create a global security group in the forest root domain and name it Company Editors.C Create a universal distribution group in the forest root domain and name it Company Editors. D Create a universal security group in the forest root domain and name it Company Editors.
单选题You are a security administrator for your company. All servers run Windows Server 2003. All client computers run Windows XP Professional. You install Software Update Services (SUS) on a server named Server1. The company’s written security policy states that all updates must be tested and approved before they are installed on network computers. You need to ensure that SUS uses the minimum amount of disk space on Server1. What should you do?()A Configure Server1 to redirect client computers to the Microsoft Windows Update servers.B Compress the folder in which the downloaded updates are stored.C Configure Server1 to store only the locales that are needed.D Download the updates, and then delete updates that are not approved for client computers.
单选题You are the administrator of your company’s network. Using Windows Installer packages, you want to install customized versions of Microsoft Excel on different departments in the company. Which type of file should you apply to the installation database?()AmsiBmstCzapDzip
单选题You are the desktop administrator for one of your company's branch offices. The network in your branch office contains 100 Windows XP Professional computers. The computers are configured with the Compatws.inf security template. One of the network administrators in the company's main office creates a new security template named CompanySec.inf. The new template is designed to be applied to each of the company's Windows XP Professional computers. The users in your branch office have different security requirements from the users in the main office. You need to find out whether the new security template will violate the security requirements of the users in the branch office. What should you do?()ARun the Secedit.exe command in validation mode and specify the new security template.BRun the Secedit.exe command in configuration mode and specify the new security template. CUse the Security Configuration and Analysis console to import both templates into a security database, and then perform an Analyze operation. DUse the Security Configuration and Analysis console to import both templates into a security database, and then perform a Configure operation.
单选题You are the administrator of your company's network. You want to configure a Security Policy for the Windows 2000 Professional Computers that are in the sales department. On one of the computers, you use Security Templates to configure the Security Policy based on the desired security settings. You then export those settings to an .inf file that will be used on all of the Computers in the sales department. You want to configure each Computer to have a customized Security Policy. What steps should you follow in order to achieve your goal?()AUse Secedit.exe to import the security settings from the .inf file to the computers in the sales department.BUse a text editor to change the default security settings to the desired security settings. Then export those settings to the Computers in the sales department.CCreate an organizational unit (OU) named Sales. Add the users in the sales department to the Sales OU. Then apply the security template to the users in the Sales OU.DCreate an organizational unit (OU) named Sales. Add the computers in the sales department to the Sales OU. Then apply the security template to computers in the Sales OU.
单选题You are the network administrator for your company. The network consists of a single Active Directory forest. The forest consists of 19 Active Directory domains. Fifteen of the domains contain Windows Server 2003 domain controllers. The functional level of all the domains is Windows 2000 native. The network also consists of a single Microsoft Exchange 2000 Server organization. You need to create groups that can be used only to send e-mail messages to user accounts throughout the company. You want to achieve this goal by using the minimum amount of replication traffic and minimizing the size of the Active Directory database. You need to create a plan for creating e-mail groups for your company. What should you do?()A Create global distribution groups in each domain. Make the appropriate users from each domain members of the global distribution group in the same domain. Create universal distribution groups. Make the global distribution groups in each domain members of the universal distribution groups.B Create global security groups in each domain. Make the appropriate users from each domain members of the security group in the same domain. Create universal security groups. Make the global security groups in each domain members of the universal security groups.C Create universal distribution groups. Make the appropriate users from each domain members of a universal distribution group.D Create universal security groups. Make the appropriate users from each domain members of a universal security group.
单选题You are a database administrator for your company. You are responsible for a SQL Server 2005 database that has several indexes. You need to write a stored procedure that checks the indexes for fragmentation. Which Transact-SQL statement should you use?()ADBCC DBREINDEXBSELECT * FROM sys.dm_db_index_physical_statsCDBCC INDEXDEFRAGDSELECT * FROM sys.indexes
单选题You are the network administrator for your company. All network servers run Windows Server 2003. All client computers run Windows XP Professional. A member server named Server1 is located at a branch office that does not permit the use of Remote Desktop Protocol. Another administrator uses the Backup utility to create a scheduled backup job on Server1. The backup job performs a normal backup of an application server. The application server is removed from the network. You need to use a client computer to remove the backup job from Server1. You cannot travel to the branch office. What should you do? ()AUse the RUNAS feature to run the at /delete command as the Server1/Administrator account.BLog on by using your Administrator account and run the ntbackup /D command.CLog on by using your Administrator account and run the schtasks /delete command.DUse the RUNAS feature to run the taskkill command as the Server1/Administrator account.