多选题A new software engineer has been hired. As part of the normal hiring process, the user was added to the Active Directory and placed into the Domain Users group and the SW_DEV group. The Domain Users group has access to the company's intranet website and time card system. The SW_DEV group has access to the source code library server. You have created roles that correspond to each Active Directory group. The user calls the help desk stating that they cannot access the source code library server. Which two troubleshooting tools would you use on the Junos Pulse Access Control Service to resolve the issue?()APerform a policy trace for the specific user and review the output to isolate the problem.BReview the Events log.CReview the Admin Access log to verify that the user has the correct permissions to access the SVVJDEV resource.DReview the User Access log to verify that the user is getting mapped to both the Domain User role and the SW_DEV role.

多选题
A new software engineer has been hired. As part of the normal hiring process, the user was added to the Active Directory and placed into the Domain Users group and the SW_DEV group. The Domain Users group has access to the company's intranet website and time card system. The SW_DEV group has access to the source code library server. You have created roles that correspond to each Active Directory group. The user calls the help desk stating that they cannot access the source code library server. Which two troubleshooting tools would you use on the Junos Pulse Access Control Service to resolve the issue?()
A

Perform a policy trace for the specific user and review the output to isolate the problem.

B

Review the Events log.

C

Review the Admin Access log to verify that the user has the correct permissions to access the SVVJDEV resource.

D

Review the User Access log to verify that the user is getting mapped to both the Domain User role and the SW_DEV role.


参考解析

解析: 暂无解析

相关考题:

Your network contains an Active Directory domain. The domain contains a member server that runs Windows Server 2008 R2.You have a folder named Data that is located on the C drive. The folder has the default NTFS permissions configured.A support technician shares C:\Data by using the File Sharing Wizard and specifies the default settings.Users report that they cannot access the shared folder.You need to ensure that all domain users can access the share.What should you do?()A. Enable access-based enumeration (ABE) on the share.B. Assign the Read NTFS permission to the Domain Users group.C. From the Network and Sharing Center, enable public folder sharing.D. From the File Sharing Wizard, configure the Read permission level for the Domain Users group.

Your company has a single-domain Active Directory forest. The functional level of the domain is Windows Server 2008.   You perform the following activities.    Create a global distribution group.      Add users to the global distribution group.      Create a shared folder on a Windows Server 2008 member server.      Place the global distribution group in a domain local group that has access to the shared folder.  You need to ensure that the users have access to the shared folder.  What should you do()A、Raise the forest functional level to Windows Server 2008.B、Add the global distribution group to the Domain Administrators group.C、Change the group type of the global distribution group to a security group.D、Change the scope of the global distribution group to a Universal distribution group.

Your network consists of a single Active Directory domain. User accounts for engineering department  are located in an OU named Engineering.    You need to create a password policy for the engineering department that is different from your domain  password policy.    What should you do()A、Create a new GPO. Link the GPO to the Engineering OU.B、Create a new GPO. Link the GPO to the domain. Block policy inheritance on all OUs except for the  Engineering OU.C、Create a global security group and add all the user accounts for the engineering department to the  group. Create a new Password Policy Object (PSO) and apply it to the group.D、Create a domain local security group and add all the user accounts for the engineering department to  the group. From the Active Directory Users and Computer console, select the group and run the  Delegation of Control Wizard.

You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All company data is stored in shared folders on network file servers. The data for each department is stored in a departmental shared folder. Users in each department are members of the departmental global group. Each departmental global group is assigned the Allow - Full Control permission for the corresponding departmental shared folder. Company requirements state that all access to shared folders must be configured by using global groups. A user named Richard works in the sales department. Richard needs to be able to modify files in the Marketing shared folder. You need to ensure that Richard has the minimum permissions for the Marketing shared folder that he needs to do his job. You need to achieve this goal while meeting company requirements and without granting unnecessary permissions. What should you do? ()A、Add Richard's user account to the Marketing global group.B、Assign the Sales global group the Allow - Change permission for the Marketing shared folder.C、Create a new global group. Add Richard's user account to the group. Assign the new global group the Allow - Change permission for the Marketing shared folder.D、Assign Richard's user account the Allow - Change permission for the Marketing shared folder.

You are the network administrator for TestKing.com. The network consists of a single Active Directory domain named testking.com. The functional level of the domain is Windows 2000 native. A global group named Travelling contains 7,000 users. All of these users are assigned portable computers, which they will use to run new POSIX-compliant application. You create a global group named POSIX. For all 7,000 users in Travelling, you change the primary group to POSIX. Members of Travelling now report that they cannot access necessary domain resources. How should you solve this problem?()A、Ensure that each site on your network is connected to at least one other site by a replication link that uses the SMTP protocol.B、Create two new global groups, Travelling1 and Travelling2. Place one half of the members of Travelling in each new group. Then place both new groups in Travelling.C、Remove all domain users from the Users group, and then add all domain users to the group again.D、Remove all users from Travelling. Change Travelling to a universal group. Add the same users to the new Travelling group.

Contoso, Ltd. has an Active Directory domain named ad.contoso.com. Fabrikam, Inc. has an  Active Directory domain named intranet.fabrikam.com.     Fabrikam’s security policy prohibits the transfer of internal DNS zone data outside the Fabrikam  network.     You need to ensure that the Contoso users are able to resolve names from the intranet.fabrikam.com domain.   What should you do()A、Create a new stub zone for the intranet.fabrikam.com domain.B、Configure conditional forwarding for the intranet.fabrikam.com domain.C、Create a standard secondary zone for the intranet.fabrikam.com domain.D、Create an Active Directory-integrated zone for the intranet.fabrikam.com domain.

A new software engineer has been hired. As part of the normal hiring process, the user was added to the Active Directory and placed into the Domain Users group and the SW_DEV group. The Domain Users group has access to the company's intranet website and time card system. The SW_DEV group has access to the source code library server. You have created roles that correspond to each Active Directory group. The user calls the help desk stating that they cannot access the source code library server. Which two troubleshooting tools would you use on the Junos Pulse Access Control Service to resolve the issue?()A、Perform a policy trace for the specific user and review the output to isolate the problem.B、Review the Events log.C、Review the Admin Access log to verify that the user has the correct permissions to access the SVVJDEV resource.D、Review the User Access log to verify that the user is getting mapped to both the Domain User role and the SW_DEV role.

You are the network administrator for TestKing. The network consists of a single Active Directory domain named testking.com. All domain controllers run Windows Server 2003. The sales department recently hired 10 new employees. User accounts for these employees were created in Active Directory. The manager of the sales department sent you a list of a new users and asked you to add the user accounts to an existing global group named SalesDept. You need to add the users to the SalesDept global group. What are two possible ways to achieve this goal? Each correct answer presents a complete solution. Choose two.()A、Use the dsadd user command to add the user accounts to the SalesDept global group.B、Use the dsadd group command to add the user accounts to the SalesDept global group.C、In Active Directory Users and Computers, select all 10 user accounts. Right-click the selected users, and then select the Properties menu command.D、In Active Directory Users and Computers, select all 10 user accounts. Right-click the selected users, and then select the Add to a Group menu command.

Your network consists of Windows XP computers. All computers are joined to a single Active  Directory directory service domain and located in a single Active Directory site. You create a new Group  Policy object (GPO) and link it to the site. The policy configures default screensaver settings. User  accounts of users in the research department are located in an organizational unit (OU) named Research.  You need to allow users in the research department to configure a different screensaver setting on their  computers.  What should you do?()A、 Move the user accounts of users in the research department to the Users container.B、 Configure a local security policy on all computers in the research department to allow users to modify their screensaver settings.C、 Add users in the research department to a domain group. Allow the group the Apply Group Policy permission for the GPO.D、 Add users in the research department to a domain group. Deny the group the Apply Group Policy permission to the GPO.

You are a help desk technician for your company. Your company’s network includes an Active Directory domain and Windows XP Professional computers that are configured as members of the domain. Company policy prohibits users from accessing their computers unless they are authenticated by a domain controller. However, users report that they can log on to their computers, even though a network administrator has told them that a domain controller is not available. As a test, you log off of your computer and disconnect it from the network. You discover that you can log on by using your domain user account. You need to ensure that users cannot access their computers unless they are authenticated by a domain controller. How should you configure the local computer policy on these computers? () A、Enable the Require domain controller to unlock policy.B、Set the Number of previous logons to cache policy to 0.  C、Remove all user and group accounts from the Log on locally user right. D、Remove all user and group accounts from the Access this computer from the network user right.

Your company has an Active Directory Rights Management Services (AD RMS) server. Users  have Windows Vista computers. An Active Directory domain is configured at the Windows Server  2003 functional level.     You need to configure AD RMS so that users are able to protect their documents.     What should you do()A、Install the AD RMS client 2.0 on each client computer.B、Add the RMS service account to the local administrators group on the AD RMS server.C、Establish an e-mail account in Active Directory Domain Services (AD DS) for each RMS user.D、Upgrade the Active Directory domain to the functional level of Windows Server 2008.

Your company has an Active Directory domain. All consultants belong to a global group named   TempWorkers. The TempWorkers group is not nested in any other groups.   You move the computer objects of three file servers to a new organizational unit named SecureServers.   These file servers contain only confidential data in shared folders.   You need to prevent members of the TempWorkers group from accessing the confidential data on the file  servers. You must achieve this goal without affecting access to other domain resources.   What should you do()A、Create a new GPO and link it to the SecureServers organizational unit. Assign the Deny access to this  computer from the network user right to the TempWorkers global group.B、Create a new GPO and link it to the domain. Assign the Deny access to this computer from the network  user right to the TempWorkers global group.C、Create a new GPO and link it to the domain. Assign the Deny log on locally user right to the  TempWorkers global group.D、Create a new GPO and link it to the SecureServers organizational unit. Assign the Deny log on locallyuser right to the TempWorkers global group.

You are the network administrator for Testking.com. The network consists of a single Active Directory forest that contains three domains. The functional level of the forest is Windows Server 2003. The domain names are testking.com, europe.testking.com, and asia.testking.com. Each domain contains 500 user accounts. TestKing.com is in the process of acquiring several other companies whose networks will be add to the testking.com Windows Server 2003 domain. These acquisitions will entail the addition of several new offices, which will be connected to TestKing's network by means of dedicated 56-Kbps WAN connections. You create a new shared folder named NewProjects on a file server in testking.com. Several users in each existing domain need access to the NewProjects folder. These users are not in the same group in any domain. All users who need access to the NewProjects folder must be able to add, delete, and modify files and folders in the NewProjects folder. Users in the acquired companies also will require access to this folder. You need to create the required Active Directory groups and configure the required permissions for the NewProjects folder. Your solution must minimize ongoing administrative effort as you add new companies to the network. You must also minimize unnecessary traffic across the WAN connections. What should you do?()A、Create a single universal security group. Add all users that require access to the folder to the group. Create a domain local group in the testking.com domain. Add the universal group to the domain local group. Assign permissions to the shared folder by using the domain local group.B、Create a global security group in each domain. Add all users that require access to the folder to the global group in their domain. Create a domain local group in testking.com domain. Add the global groups to the domain local group. Assign permissions to the shared folder by using the domain local group.C、Create a universal security group in each domain. Add all users that require access to the folder to the group in their domain. Assign permissions to the shared folder by using the universal groups.D、Create a global security group in each domain. Add all users that require access to the folder to the group in their domain. Assign permissions to the shared folder by using the global groups.

Your company’s network has client computers that run Windows 7.    When a user attempts to log on to the domain from a computer named Client1,she receives the following message:   The system cannot log you on to this domain because the system’s computer account in its primary domain is missing or the password on that account is incorrect.  You need to ensure that the user can log on to the domain from Client1.   What should you do?()A、Disjoin and rejoin Client1 to the domain.B、Add the computer account for Client1 to the Domain Computers Active Directory group.C、Reset the account password for Client1 through Active Directory Users and Computers.D、Reset the account password for the user through Active Directory Users and Computers.

You are a security administrator for your company. The network consists of three Active Directory domains. All Active Directory domains are running at a Windows Server 2003 mode functionality level.    Employees in the editorial department of your company need access to resources on file servers that are in each of the Active Directory domains. Each Active Directory domain in the company contains at least one editorial department employee user account.    You need to create a single group named Company Editors that contains all editorial department employee user accounts and that has access to the resources on file server computers.  What should you do?()A、 Create a global distribution group in the forest root domain and name it Company Editors.B、 Create a global security group in the forest root domain and name it Company Editors.C、 Create a universal distribution group in the forest root domain and name it Company Editors. D、 Create a universal security group in the forest root domain and name it Company Editors.

Your network consists of a single Active Directory domain. The functional level of the domain is Windows Server 2008 R2. All domain controllers run Windows Server 2008 R2.   A corporate policy requires that the users from the research department have higher levels of account and password security than other users in the domain.   You need to recommend a solution that meets the requirements of the corporate policy. Your solution must minimize hardware and software costs. What should you recommend?()A、Create a new Active Directory site. Deploy a Group Policy object (GPO) to the site.B、Create a new Password Settings Object (PSO) for the research department’s usersC、Create a new organizational unit (OU) named Research in the existing domain. Deploy a Group Policy object (GPO) to the Research OU.D、Create a new domain in the forest.Add the research department’s user accounts to the new domain.Configure a new security policy in the new domain.

You are the network administrator for TestKing.com. All user accounts and groups in the domain are in the container named Users. Company naming conventions require that names of global groups begin with G_ and names of domain local groups begin with DL_. A domain local group named HRServices does not meet the requirements. The HRServices group has one global group member named G_HRUsers. The HRServices group is assigned to Allow - Full Control permission for a shared folder named HRFiles. The shard folder is located on a file server. You need to rename the HRServices group to meet the naming convention requirements. In addition, you need to ensure that user access to the HRFiles shared folder is not disrupted while you perform the procedure. What are two possible ways to achieve this goal? ()(Each correct answer presents a cplete solution. Choose two.)A、Open Active Directory Users and Computers, and then delete the existing HRServices domain local group. Create a new domain local group named DL_HRServices. Add the G_HRUsers group to the DL_HRServices group. Assign the DL_HRServices group the Allow - Full Control permission for the HRFiles shared folder.B、Open the Active Directory Users and Computers, and then change the name of the HRservices group to DL_HRServices.C、Run the following command: dsadd group CN=DL_HRServices,CN=Users,DC=testking.com,DC=com - member CN=G_HRUsers,CN=Users,DC=testking,DC=comD、Run the following command: dsmove CN=HRServices,CN=Users,DC=testking,DC=com -newname DL_HRServices

You are the network administrator for . The network consists of a single Active Directory domain named . All client computers run Windows XP Professional. The finance deparment uses a specific naming process to audit users and their computers. The process requires that each user's client computer has an account in Active Directory and that each client computer name corresponds to a specific user account. A user name Marie is a member of only the Domain Users security group. She reports that the hardware on her computer fails. She receives a new computer. You need to add Marie's new computer to the domain. You need to comply with the finance department naming process. What should you do?()A、Instruct Marie to run the ipconfig /flushdns command on her new computer and to add the new computer to the domain by using the same computer name as her failed computer.B、Assign Marie permissions for adding computer accounts to the default container named Computers. Instruct Marie to add her new computer to the domain.C、Reset the computer account for Marie's failed computer. Instruct Marie to add her new computer to the domain by using the same name as her failed computer.D、Configure the IP address of Marie's new computer to be the same as the failed computer. Instruct Marie to add the new computer to the domain.

You are the network administrator for The network consists of a single Active Directory domain named All network servers run Windows Server 2003. Your new assistant, Tess, will perform basic administrative tasks on a member server named TestKingSrvC. Tess is not a member of the local Administrators group on TestKingSrvC, but she can log on to the server console. Tess reports that she receives an error message when she tries to use Remote Desktop. The error message states: "The local policy of this system does not permit you to log on interactively". You need to ensure that Tess can use Remote Desktop to log on to TestKingSrvC. What should you do?()A、Add Tess's user account to the Remote Desktop Users domain local group.B、Add Tess's user account to the Remote Desktop Users local group on TestKingSrvc.C、On the Remote Control tab of Tess's domain account, select the Enable remote control option.D、On the Security tab of Tess's domain account, add the Remote Desktop Users domain local group. Assign the Allow - Full Control permissions to this group.

Certkiller.com has a server with Active Directory Rights Management Services (AD RMS) server installed. Users have computers with Windows Vista installed on them with an Active Directory domain installed at Windows Server 2003 functional level. As an administrator at Certkiller.com, you discover that the users are unable to benefit from AD RMS to protect their documents. You need to configure AD RMS to enable users to use it and protect their documents. What should you do to achieve this functionality()A、Configure an email account in Active Directory Domain Services (AD DS) for each user.B、Add and configure ADRMSADMIN account in local administrators group on the user computersC、Add and configure the ADRMSSRVC account in AD RMS server’s local administrator groupD、Reinstall the Active Directory domain on user computersE、All of the above

Your company has four offices.   The network contains a single Active Directory domain.   Each office has domain controller. Each office has an organitational unit (OU) that contains the  user accounts for the users in that office.   In each office, support technicians perform basic troubleshooting for the users in their respective  office.   You need to ensure that the support technicians can reset the password for the user accounts in  their respective office only. The solution must prevent the thechnicians from creating user  accounts.   What shoul you do()A、Four each OU, run the Delegation of Control Wizard.B、For the domain, run the Delegation of Control Wizard.C、For each office, create an Active Directory group, and then modify the security setting for each group.D、For each office, create an Active Directory group, and then modify the contorlAccessRights attirbute for each group

You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003.   The network contains servers that have Terminal Server enabled. The terminal servers host legacy applications that currently require users to be members of the Power Users group.   A new requirement in the company’s written security policy states that the Power Users group must be empty on all resource servers.   You need to maintain the ability to run the legacy applications on the terminal servers when the new security requirement is implemented.   What should you do?  ()A、 Add the Domain Users global group to the Remote Desktop Users built-in group in the domain.  B、 Add the Domain Users global group to the Remote Desktop Users local group on each terminal server.C、 Modify the Compatws.inf security template settings to allow members of the local Users group to run the applications. Import the security template into the Default Domain Controllers Policy Group Policy object (GPO).D、 Modify the Compatws.inf security template settings to allow members of the local Users group to run the applications. Apply the modified template to each terminal server.

单选题You are the network administrator for The network consists of a single Active Directory domain named All network servers run Windows Server 2003. Your new assistant, Tess, will perform basic administrative tasks on a member server named TestKingSrvC. Tess is not a member of the local Administrators group on TestKingSrvC, but she can log on to the server console. Tess reports that she receives an error message when she tries to use Remote Desktop. The error message states: "The local policy of this system does not permit you to log on interactively". You need to ensure that Tess can use Remote Desktop to log on to TestKingSrvC. What should you do?()AAdd Tess's user account to the Remote Desktop Users domain local group.BAdd Tess's user account to the Remote Desktop Users local group on TestKingSrvc.COn the Remote Control tab of Tess's domain account, select the Enable remote control option.DOn the Security tab of Tess's domain account, add the Remote Desktop Users domain local group. Assign the Allow - Full Control permissions to this group.

单选题Your company has four offices.   The network contains a single Active Directory domain.   Each office has domain controller. Each office has an organitational unit (OU) that contains the  user accounts for the users in that office.   In each office, support technicians perform basic troubleshooting for the users in their respective  office.   You need to ensure that the support technicians can reset the password for the user accounts in  their respective office only. The solution must prevent the thechnicians from creating user  accounts.   What shoul you do()AFour each OU, run the Delegation of Control Wizard.BFor the domain, run the Delegation of Control Wizard.CFor each office, create an Active Directory group, and then modify the security setting for each group.DFor each office, create an Active Directory group, and then modify the contorlAccessRights attirbute for each group

多选题You are the network administrator for TestKing.com. All user accounts and groups in the domain are in the container named Users. Company naming conventions require that names of global groups begin with G_ and names of domain local groups begin with DL_. A domain local group named HRServices does not meet the requirements. The HRServices group has one global group member named G_HRUsers. The HRServices group is assigned to Allow - Full Control permission for a shared folder named HRFiles. The shard folder is located on a file server. You need to rename the HRServices group to meet the naming convention requirements. In addition, you need to ensure that user access to the HRFiles shared folder is not disrupted while you perform the procedure. What are two possible ways to achieve this goal? ()(Each correct answer presents a cplete solution. Choose two.)AOpen Active Directory Users and Computers, and then delete the existing HRServices domain local group. Create a new domain local group named DL_HRServices. Add the G_HRUsers group to the DL_HRServices group. Assign the DL_HRServices group the Allow - Full Control permission for the HRFiles shared folder.BOpen the Active Directory Users and Computers, and then change the name of the HRservices group to DL_HRServices.CRun the following command: dsadd group CN=DL_HRServices,CN=Users,DC=testking.com,DC=com - member CN=G_HRUsers,CN=Users,DC=testking,DC=comDRun the following command: dsmove CN=HRServices,CN=Users,DC=testking,DC=com -newname DL_HRServices

多选题You are the network administrator for TestKing. The network consists of a single Active Directory domain named testking.com. All domain controllers run Windows Server 2003. The sales department recently hired 10 new employees. User accounts for these employees were created in Active Directory. The manager of the sales department sent you a list of a new users and asked you to add the user accounts to an existing global group named SalesDept. You need to add the users to the SalesDept global group. What are two possible ways to achieve this goal? Each correct answer presents a complete solution. Choose two.()AUse the dsadd user command to add the user accounts to the SalesDept global group.BUse the dsadd group command to add the user accounts to the SalesDept global group.CIn Active Directory Users and Computers, select all 10 user accounts. Right-click the selected users, and then select the Properties menu command.DIn Active Directory Users and Computers, select all 10 user accounts. Right-click the selected users, and then select the Add to a Group menu command.

单选题You are a security administrator for your company. The network consists of three Active Directory domains. All Active Directory domains are running at a Windows Server 2003 mode functionality level.    Employees in the editorial department of your company need access to resources on file servers that are in each of the Active Directory domains. Each Active Directory domain in the company contains at least one editorial department employee user account.    You need to create a single group named Company Editors that contains all editorial department employee user accounts and that has access to the resources on file server computers.  What should you do?()A Create a global distribution group in the forest root domain and name it Company Editors.B Create a global security group in the forest root domain and name it Company Editors.C Create a universal distribution group in the forest root domain and name it Company Editors. D Create a universal security group in the forest root domain and name it Company Editors.