You are the network administrator for your company. The network consists of a single Active Directory domain. All computers on the network are members of the domain. All servers run Windows Server 2003 and all client computers run Windows XP Professional.  You are planning a security update infrastructure.   You need to find out which computers are exposed to known vulnerabilities. You need to collect the information on existing vulnerabilities for each computer every night. You want this process to occur automatically.  What should you do? ()A、 Schedule the secedit command to run every night.B、 Schedule the mbsacli.exe command to run every night.C、 Install Microsoft Baseline Security Analyzer (MBSA) on one of the servers. Configure Automatic Updates on all other computers to use that server.D、 Install Software Update Services (SUS) on one of the servers. Configure the SUS server to update every night.

You are the network administrator for your company. The network consists of a single Active Directory domain. All computers on the network are members of the domain. All servers run Windows Server 2003 and all client computers run Windows XP Professional.  You are planning a security update infrastructure.   You need to find out which computers are exposed to known vulnerabilities. You need to collect the information on existing vulnerabilities for each computer every night. You want this process to occur automatically.  What should you do? ()

  • A、 Schedule the secedit command to run every night.
  • B、 Schedule the mbsacli.exe command to run every night.
  • C、 Install Microsoft Baseline Security Analyzer (MBSA) on one of the servers. Configure Automatic Updates on all other computers to use that server.
  • D、 Install Software Update Services (SUS) on one of the servers. Configure the SUS server to update every night.

相关考题:

You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional.You need to implement a new software update infrastructure. You discover that security patches, critical updates, and service packs have never been installed on any client computer on the network.You install Windows Server Update Services (WSUS) on a Windows Server 2003 computer named Server5. You synchronize and approve all of the current security patches, critical updates, and service packs.You need to ensure that all client computers receive all Microsoft security patches, critical updates, and service packs.  Which two actions should you perform?()A、Open the WSUS console. Select the option to automatically approve WSUS updates.B、Install the Automatic Updates client on all client computers.C、Modify the Microsoft Update settings of the Default Domain Controller organizational unit (OU) Group Policy object (GPO) to point client computers to http ://server5.D、Modify the Microsoft Update settings of the Default Domain Policy Group Policy object (GPO) to point client computers to http: //server5.E、Open the WSUS console. Create a target group and assign all client computers to the group.

Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003. Client computers run Windows XP or Windows Vista. You plan to create a security update scan procedure for client computers. You need to choose a security tool that supports all the client computers.  Which tool should you choose? ()A、 UrlScan Security ToolB、 Enterprise Scan Tool (EST)C、 Malicious Removal Tool (MRT)D、 Microsoft Baseline Security Analyzer (MBSA)

You are the network administrator for . The network consists of a single Active Directory domain. All domain controllers run Windows Server 2003, and all client computers run Windows XP Professional. TestKing acquires a subsidiary. You receive a comma delimited file that contains the names of all user accounts at the subsidiary. You need to import these accounts into your domain. Which command should you use?()A、ldifdeB、csvdeC、ntdsutil with the authoritative restore optionD、dsadd user

Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3). All servers and client computers are members of the domain.You need to configure Automatic Updates on all computers to meet the following requirements:  (1)Install updates automatically on all computers.  (2)Prevent users from modifying the Automatic Update settings.  What should you do?()A、From the Default Domain Policy, modify the Windows Update settings.B、On each client computer, run wuauclt.exe /resetauthorization.C、On each client computer, modify the Automatic Updates settings from Control Panel.D、On a server, install and configure Windows Server Updates Services (WSUS) 3.0.

Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3). You need to ensure that locked out user accounts remain locked out until an administrator unlocks the accounts. What should you do? ()A、In the Default Domain Policy, set the Account lockout duration to 0.B、In the Default Domain Policy, set the Account lockout duration to 99999.C、From Active Directory Users and Computers, select the Account is trusted for delegation option for all user accounts.D、From Active Directory Users and Computers, select the Account is sensitive and cannot be delegated option for all user accounts.

You are the network administrator for your company. The network consists of a single Active Directory domain. The domain contains 35 Windows Server 2003 computers; 3,000 Windows XP Professional computers; and 2,000 Windows 2000 Professional computers. Windows Server Update Services (WSUS) is installed on a server named Server1. The necessary Group Policy object (GPO) is configured.You need to confirm whether all computers in the domain have received all approved updates from Server1. What should you do on Server1?()A、Install and configure Urlscan.exe.B、At the command prompt, type gpresult /scope COMPUTER.C、Open the WSUS console. Run the Status of Computers report.D、Open the WSUS console. Run the Synchronization Results report.

ou are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional.Two of the servers on the network contain highly confidential documents. The company’s written security policy states that all network connections with these servers must be encrypted by using an IPSec policy.You place the two servers in an organizational unit (OU) named SecureServers. You configure a Group Policy object (GPO) that requires encryption for all connections. You assign the GPO to the SecureServers OU.  You need to verify that users are connecting to the two servers by using encrypted connections.   What should you do?()A、Run the net view command.B、Run the gpresult command.C、Use the IP Security Monitor console.D、Use the IPSec Policy Management console.

Your network contains an Active Directory domain. All domain controllers run Windows Server 2008  R2. Client computers run either Windows XP Service Pack 3 (SP3) or Windows Vista.  You need to ensure that all client computers can apply Group Policy preferences.   What should you do()A、Upgrade all Windows XP client computers to Windows 7.B、Create a central store that contains the Group Policy ADMX files.C、Install the Group Policy client-side extensions (CSEs) on all client computers.D、Upgrade all Windows Vista client computers to Windows Vista Service Pack 2 (SP2).

You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional. You need to implement a new software update infrastructure.  You discover that security patches, critical updates, and service packs have never been installed on any client computer on the network. You install Windows Server Update Services (WSUS) on a Windows Server 2003 computer named Server5. You synchronize and approve all of the current security patches, critical updates, and service packs. You need to ensure that all client computers receive all Microsoft security patches, critical updates, and service packs.  Which two actions should you perform?()A、Open the WSUS console. Select the option to automatically approve WSUS updates.B、Install the Automatic Updates client on all client computers.C、Modify the Microsoft Update settings of the Default Domain Controller organizational unit (OU) Group Policy object (GPO) to point client computers to http ://server5.D、Modify the Microsoft Update settings of the Default Domain Policy Group Policy object (GPO) to point client computers to http: //server5.E、Open the WSUS console. Create a target group and assign all client computers to the group.

You are a network administrator for your company. All domain controllers run Windows Server 2003. The network contains 50 Windows 98 client computers, 300 Windows 2000 Professional computers, and 150 Windows XP Professional computers.   According to the network design specification, the Kerberos version 5 authentication protocol must be used for all client computers on the internal network.   You need to ensure that Kerberos version 5 authentication is used for all client computers on the internal network.   What should you do?  ()A、 On each domain controller, disable Server Message Block (SMB) signing and encryption of the secure channel traffic.B、 Replace all Windows 98 computers with new Windows XP Professional computers.C、 Install the Active Directory Client Extensions software on the Windows 98 computers.D、 Upgrade all Windows 98 computers to Windows NT Workstation 4.0.

You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional.You install Windows Server Update Services (WSUS) on a network server named Server1. When you attempt to synchronize Server1 with the Windows Update servers, you receive an error message. You open Internet Explorer and verify that you can communicate with an external Web site by using the proxy server. You need to ensure that Server1 can communicate with the Windows Update servers.  What should you do on Server1?()A、Restart the IIS administration tool.B、Configure the Internet Explorer settings to bypass the proxy server.C、In the WSUS options, configure authentication to the proxy server.D、Install the ISA Firewall Client.

You are a network administrator for your company. The network consists of a single Active Directory domain. The domain contains three Windows Server 2003 domain controllers, 20 Windows Server 2003 member servers, and 750 Windows XP Professional computers. The domain is configured to use only Kerberos authentication for all server connections.A user reports that she receives an "Access denied" error message when she attempts to connect to one of the member servers. You want to test the functionality of Kerberos authentication on the user’s client computer.  Which command should you run from the command prompt on the user’s computer?()A、netshB、netdiagC、ktpassD、ksetup

You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional.You install and configure a single server to run Windows Server Update Services (WSUS). You configure the appropriate Group Policy settings to specify separate WSUS target groups for client and server computers. You need to ensure that computers automatically assign themselves to the correct computer group.  What should you do?()A、In the WSUS console, configure Computer Options so that Use group policy or registry settings on computers is selected.B、In the WSUS console, configure Computer Options so that Use the Move Computers Task in Windows Server Update Services is selected.C、In the WSUS console, create the appropriate computer groups.D、Create organizational units (OUs) for each group.

You are the network administrator for your company. The network consists of a single Active Directory domain. The domain contains 35 Windows Server 2003 computers; 3,000 Windows XP Professional computers; and 2,000 Windows 2000 Professional computers.Windows Server Update Services (WSUS) is installed on a server named Server1. The necessary Group Policy object (GPO) is configured.You need to confirm whether all computers in the domain have received all approved updates fromServer1. What should you do on Server1?()A、Install and configure Urlscan.exe.B、At the command prompt, type gpresult /scope COMPUTER.C、Open the WSUS console. Run the Status of Computers report.D、Open the WSUS console. Run the Synchronization Results report.

You are the network administrator for The network consists of a single Active Directory domain named All servers run Windows Server 2003. All client computers run Windows 2000 Professional with Service Pack 4 or Windows XP Professional. You install Software Update Services (SUS) on a computer named TestKing1. You create a GPO that configures all client computers to receive their software update from TestKing1. One week later, you run Microsoft Baseline Security Analyzer (MBSA) on all client computers to find out whether all updates are being applied. You discover that all the Windows 2000 Professional client computer received updates, but the Windows XP Professional client computers do not receive updates. You verify that the GPO setting was applied on all Windows XP Professional computers. You need to ensure that the Windows XP Professional client computers receive their updates from TestKing1. What should you do?()A、Make all users of the Windows XP Professional client computers members of the Administrators local group.B、On all Windows XP Professional client computers, install Service Pack 1.C、On all Windows XP Professional client computers, restart Automatic Updates.D、On all Windows XP Professional client computers, delete the NoAutoUpdate value under HKEY_LOCAL_MACHINE/SOFTWARE/Policies/Microsoft/Windows/WindowsUpdate/AU.

You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run either Windows 2000 Professional with Service Pack 4 or Windows XP Professional. You install Windows Server Update Services (WSUS) on a computer named Server2. You create a Group Policy object (GPO) that configures all client computers to receive software updates from Server2. One week later, you run Microsoft Baseline Security Analyzer (MBSA) on all client computers to find out whether all updates are being applied. You discover that all of the Windows 2000 Professional client computers receive updates, but the Windows XP Professional client computers do not receive updates.  You verify that the GPO setting was applied on all Windows XP Professional computers. You need to ensure that the Windows XP Professional client computers receive their updates from Server2.   What should you do?()A、Make all users of Windows XP Professional client computers members of the Administrators local group.B、On all Windows XP Professional client computers, install the latest service pack.C、On all Windows XP Professional client computers, use the gpupdate /force command.D、On all Windows XP Professional client computers, delete the NoAutoUpdate value under HKEY_LOCAL_MACHINE/SOFTWARE/Policies/Microsoft/Windows/WindowsUpdate/AU.

You are a security administrator for your company. The network consists of a single Active Directory domain. All servers run Windows 2003 Server. All client computers run Windows XP Professional.    All computers are configured to use Automatic Updates to install updates without user intervention. Updates are scheduled to occur during o peak hours. During a security audit,you notice some client computers are not receiving updates on a regular basis. You verify that Automatic Updates is running on All client computers, and you verify that users cannot modify the Automatic Updates settings.    You need to ensure that computers on your network receive all updates.  What should you do?()A、 Enable the No auto-restart for scheduled Automatic Updates installations setting.B、 Disable the Specify intranet Microsoft update service location setting.C、 Enable the Remove access to use all Windows Update features setting.D、 Enable the Reschedule Automatic Updates scheduled installations setting.

You are the network administrator for your company. The network consists of a single Active Directory domain. All network servers run Windows Server 2003, and all are members of the domain. All client computers run Windows XP Professional. Five Web servers host the content for the internal network. Each one runs IIS and has Remote Desktop connections enabled. Web developers are frequently required to update content on the Web servers. You need to ensure that the Web developers can use Remote Desktop Connection to transfer Web documents from their client computers to the five Web servers. What should you do? ()A、Install the Terminal Server option on all five Web servers. Use Terminal Services Configuration Manager to modify the session directory setting.B、Install the Terminal Server option on all five Web servers. Use Terminal Services Configuration Manager to create a new Microsoft RDP 5.2 connection.C、On each Web developer's client computer, select the Disk Drives check box in the properties of Remote Desktop Connection.D、On each Web developer's client computer, select the Allow users to connect remotely to this computer check box in the System Properties dialog box.

Your network consists of a single Active Directory domain. The network contains a Terminal Server that runs Windows Server 2008, and client computers that run Windows Vista. All computers are members of the domain.   You deploy an application by using the TS RemoteApp Manager. The Terminal Servers security layer is set to Negotiate.  You need to ensure that domain users are not prompted for credentials when they access the application. What should you do?()A、On the server, modify the Password Policy settings in the local Group Policy.B、On the server, modify the Credential Delegation settings in the local Group Policy.C、On all client computers, modify the Password Policy settings in the local Group Policy.D、On all client computers, modify the Credential Delegation settings in the local Group Policy.

单选题You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional. A new low-priority update, Q318138, is released and is synchronized with the Windows Server Update Services (WSUS) server on the network. You decide to approve the update without testing.  After the update is applied to client computers, users report that they can no longer run an accounting application.You need to remove the update from all client computers until you can test the update.  What should you do?()AClear the Automatically approve new versions of previously approved updates option on the WSUS server. Resynchronize the server with the Windows Update server.BClear the update for approval on the WSUS server. Resynchronize the server with the Windows Update servers.CClear the update for approval on the WSUS server. Run the spuninst command from the Systemroot/$NtUninstallQ318138$/spuninst directory on each client computer.DClear the Automatically approve new versions of previously approved updates option on the WSUS server. Delete the Systemroot/$NtUninstallQ318138$ directory on each client computer.

单选题Your network consists of a single Active Directory domain. The network contains a Terminal Server that runs Windows Server 2008, and client computers that run Windows Vista. All computers are members of the domain.   You deploy an application by using the TS RemoteApp Manager. The Terminal Servers security layer is set to Negotiate.  You need to ensure that domain users are not prompted for credentials when they access the application. What should you do?()AOn the server, modify the Password Policy settings in the local Group Policy.BOn the server, modify the Credential Delegation settings in the local Group Policy.COn all client computers, modify the Password Policy settings in the local Group Policy.DOn all client computers, modify the Credential Delegation settings in the local Group Policy.

单选题You are the network administrator for The network consists of a single Active Directory domain named All servers run Windows Server 2003. All client computers run Windows 2000 Professional with Service Pack 4 or Windows XP Professional. You install Software Update Services (SUS) on a computer named TestKing1. You create a GPO that configures all client computers to receive their software update from TestKing1. One week later, you run Microsoft Baseline Security Analyzer (MBSA) on all client computers to find out whether all updates are being applied. You discover that all the Windows 2000 Professional client computer received updates, but the Windows XP Professional client computers do not receive updates. You verify that the GPO setting was applied on all Windows XP Professional computers. You need to ensure that the Windows XP Professional client computers receive their updates from TestKing1. What should you do?()AMake all users of the Windows XP Professional client computers members of the Administrators local group.BOn all Windows XP Professional client computers, install Service Pack 1.COn all Windows XP Professional client computers, restart Automatic Updates.DOn all Windows XP Professional client computers, delete the NoAutoUpdate value under HKEY_LOCAL_MACHINE/SOFTWARE/Policies/Microsoft/Windows/WindowsUpdate/AU.

单选题ou are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional.Two of the servers on the network contain highly confidential documents. The company’s written security policy states that all network connections with these servers must be encrypted by using an IPSec policy.You place the two servers in an organizational unit (OU) named SecureServers. You configure a Group Policy object (GPO) that requires encryption for all connections. You assign the GPO to the SecureServers OU.  You need to verify that users are connecting to the two servers by using encrypted connections.   What should you do?()ARun the net view command.BRun the gpresult command.CUse the IP Security Monitor console.DUse the IPSec Policy Management console.