You are the administrator of a SQL Server 2005 computer named SQL1. SQL1 is a member of a Microsoft Active Directory domain. You do not have any rights or privileges to perform domain administration. However, you have been granted membership in the local Administrators group on SQL1. You perform most of the management of SQL1 from your administrative workstation. However, for security reasons, you want to track all attempts for interactive logons and network connections to SQL1. What should you do?()A、Create a Group Policy object (GPO) that is configured for success and failure auditing of the Audit account logon events setting. Ask the domain administrator to link the GPO to the object containing SQL1.B、Configure the SQL Server service on SQL1 to audit all successful and failed logon attempts.C、Edit the local security policy of SQL1. Then, configure success and failure auditing on the Audit logon events setting.D、Run the SQL Server Profiler and use a standard default template.
You are the administrator of a SQL Server 2005 computer named SQL1. SQL1 is a member of a Microsoft Active Directory domain. You do not have any rights or privileges to perform domain administration. However, you have been granted membership in the local Administrators group on SQL1. You perform most of the management of SQL1 from your administrative workstation. However, for security reasons, you want to track all attempts for interactive logons and network connections to SQL1. What should you do?()
- A、Create a Group Policy object (GPO) that is configured for success and failure auditing of the Audit account logon events setting. Ask the domain administrator to link the GPO to the object containing SQL1.
- B、Configure the SQL Server service on SQL1 to audit all successful and failed logon attempts.
- C、Edit the local security policy of SQL1. Then, configure success and failure auditing on the Audit logon events setting.
- D、Run the SQL Server Profiler and use a standard default template.
相关考题:
You want to upgrade a Windows NT Server 4.0 computer named Server34 to Windows 2000 Server. Server34 is a member server in a Windows 2000 domain named marketing.fabrikam.local. The domain runs in native mode.You want to change the role of Server34 from a member server to a domain controller in the same domain. What should you do? (Choose Two)A.Reinstall Windows NT Server 4.0 on Server34 in the same WINNT folder, and make Server34 a BDC in the marketing domain.B.Use Server Manager on Server34 and promote Server34 to a PDC for the marketing domain.C.Upgrade Server34 to Windows 2000 Server.D.Run the Active Directory installation wizard to make Server34 a domain controller in the marketing.fabrikam.local domain.E.Run the Active Directory installation wizard to convert Server34 to a domain controller in the marketing.fabrikam.local domain.
You are the administrator of a new Microsoft Windows 2000 server computer named HQSQL5. HQSQL5 is a member server in your company's Windows NT 4.0 domain, which is named HQMAIN.After installing SQL Server 2000 on HQSQL5, you configure the MSSQLServer service account to use the HQMAIN\sqladmin user account, which is a member of the local administrators group on HQSQL5.You can use the HQMAIN\sqladmin user account to log on the HQSQL5. However, the MSSQLServer service fails to start. You need to start the service. What should you do?A.Revoke Log on interactivity rights for the HQMAIN\sqladmin user account.B.Add the HQMAIN\sqladmin user account to the HQMAIN\Domain Admins group.C.Select the Password Never Expires check box for the HQMAIN\sqladmin user account.D.Grant Log on as a service rights to the HQMAIN\sqladmin user account.
You are the domain administrator for TestKing‘s Active Directory domain. Thedomain consists of four domain controllers named TestkingDC1, TestkingDC2,TestkingDC3, and TestkingDC4. TestkingDC1 and TestkingDC2 run Windows 2000Server and have the latest service pack installed. TestkingDC3 and TestkingDC4run Windows Server 2003. All client computers run Windows XP Professional andhave the latest service pack installed.You have a new client computer that you plan to use to perform domainadministration functions.You need to be able to manage Active Directory users and computers remotely.What should you do?()A. Install the Windows Support Tools from the Windows Server 2003 installation CD on your client computer.B. Install the Adminpak.msi file from the Windows Server 2003 installation CD on your client computer.C. Use the Help and Support Center tools on your client computer to connect to the domain controller that you need to manage.D. Use Computer Management on your client computer to connect to the domain controller that you need to manage.
You are the administrator of an Active Directory domain named Auser reports that he cannot log on to a Windows Server 2003 computer that containsa critical application.You discover that the organizational unit (OU) in which the server is located wasdeleted. You discover that the user rights for this server are controlled by GroupPolicy.You need to restore access to the server. You need to achieve this goal by using theminimum amount of administrative effort.What should you do?()A. Perform a normal restoration of the System State data for the domain controller. Force replication.B. Perform an authoritative restoration of the System State data for the domain controller. Mark the OU for replication.C. Re-create the OU that was deleted. Reapply Group Policy, and then add the computer account and any necessary users or groups.D. Perform an Automated System Recovery (ASR) restoration on the domain controller.
You are configuring SQL1 so that the distributed query in the Sales database can access data in the CRM database on SQL2. You create a linked server for SQL2, and you create a linked server login that uses impersonation.Now, you need to ask the network administrator to configure SQL1. Which two tasks should you ask the administrator to perform?()A、Add the user account that is used by the SQL Server service to the local Administrators group.B、Enable the Do not trust this user for delegation Active Domain property for the user account that is used by the SQL Server service.C、Create a Service Principal Name (SPN) for the user account that is used by the SQL Server service.D、Enable the Trusted for delegation Active Domain property for the user account that is used by the SQL Server service.
Your application must access data that is located on two SQL Server 2005 computers. One of these servers is named SQL1 and the other is SQL2. You have permissions to create a stored procedure on SQL1 to support your application. However,on SQL2 you only have permissions to select data. You write the stored procedure on SQL1. The stored procedure accesses SQL2 by using the OPENQUERY Transact-SQL statement. However,the query fails when executed.You need to troubleshoot the cause of the error. What should you do?()A、Join the two servers by using the four-part syntax of server.database.schema.table.B、Reference SQL2 by using an alias.C、Add SQL2 as a remote server to SQL1.D、Add SQL2 as a linked server to SQL1.
Your network contains a single Active Directory domain. All servers on the network are members of the domain. You have a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). Server1 has two NTFS partitions. You create and share a folder named Data in the root of a partition on Server1. You log on to your computer by using the domain Administrator account and discover that you cannot modify files in the Data share. You need to ensure that the Administrator can modify files in the Data share. The solution must use the minimum amount of permissions. What should you do? ()A、Modify the NTFS permissions on the Data folder.B、Modify the share permissions on the Data share.C、Add the domain administrator to the local Administrator’s group on Server1.D、Move the Data folder to a new file allocation table (FAT) partition. Share the folder by using the default permissions.
You are the administrator of a SQL Server 2005 computer named SQL1. All servers run Microsoft Windows Server 2003 and belong to a Microsoft Active Directory domain. The companys written security policy mandates strong passwords for all domain, local, and application accounts. The appropriate domain password policy has been deployed through the use of a Group Policy object (GPO). Many of the company’s computers run MS-DOS-based or UNIX-based operating systems. These computers require varying levels of access to a database named Services on SQL1. You need to ensure that these computers can access the Services database without violating the company’s written security policy. What should you do?()A、Create a domain account for each of the company’s users. Provide each domain account with access to SQL1 and the Services database.B、Create a local logon account on SQL1 for each of the company’s users. Provide each logon account with access to SQL1 and the Services database.C、Create a SQL Server logon account for each of the company’s users. Enable the Enforce password policy option for each logon account. Provide each logon account with access to the Services database.D、Configure a virtual directory through Internet Information Services (IIS) for access to SQL1. Direct users to the virtual directory for data access.E、Create one SQL Server logon account for all of the company’s computers running MS-DOS or UNIX-based operating systems. Enable the Enforce password policy option for users’ accounts. Provide the logon accounts with access to the Services database.
our network consists of a single Active Directory domain. You have a domain controller and a member server that run Windows Server 2008 R2. Both servers are configured as DNS servers. Client computers run either Windows XP Service Pack 3 or Windows 7. You have a standard primary zone on the domain controller. The member server hosts a secondary copy of the zone. You need to ensure that only authenticated users are allowed to update host (A) records in the DNS zone. What should you do first()A、On the member server, add a conditional forwarder.B、On the member server, install Active Directory Domain Services.C、Add all computer accounts to the DNSUpdateProxy group.D、Convert the standard primary zone to an Active Directory-integrated zone.
You are the administrator of a SQL Server 2005 computer named SQL1. You create a security template that disables unnecessary services. The template is appropriate only for SQL1. You need to ensure that the security template is applied to SQL1. Your solution must ensure that the template automatically overrides any manual configuration changes made by other administrators within an hour. What should you do?()A、Use the SQL Server Surface Area Configuration tool to import the security template.B、Use the Local Security Policy editor to import the security template into the Local Security Policy object.C、Configure Task Scheduler to import the security template by using Secedit.exe. Configure the task to run every half hour.D、Configure Task Scheduler to run the Microsoft Baseline Security Analyzer tool every half hour.
A domain controller named DC12 runs critical services. Restructuring of the organizational unit hierarchy for the domain has been completed and unnecessary objects have been deleted. You need to perform an offline defragmentation of the Active Directory database on DC12. You also need to ensure that the critical services remain online. What should you do()A、Start the domain controller in the Directory Services restore mode. Run the Defrag utility. B、Start the domain controller in the Directory Services restore mode. Run the Ntdsutil utility.C、Stop the Domain Controller service in the Services (local) Microsoft Management Console (MMC). Run the DefragD、Stop the Domain Controller service in the Services (local) Microsoft Management Console (MMC). Run the Ntdsutil
Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). The domain contains a member server named Server1. Server1 is a file server. You accidentally delete the computer account for Server1 from the domain. You need to ensure that users can access the file shares on Server1 by using their domain user accounts. You must achieve this goal by using the minimum amount of administrative effort. What should you do? ()A、On Server1, run the Netdom reset command.B、On Server1, add the computer to a workgroup and then add the computer to the domain. Restart Server1.C、From Active Directory Users and Computers, create a new computer account named Server1 in the domain. Restart Server1.D、On a domain controller, perform an authoritative restore in Active Directory for the Server1 computer account. Restart Server1.
You are the network administrator for TestKing.com. The network consists of a single Active Directory domain named testking.com. All network servers run Windows Server 2003. You place computer accounts for servers in OUs that are organized by server roles. You apply GPOs to these servers at the OU level. You need to add a new server to the domain. You need to ensure that the appropriate GPOs are applied to this server. What should you do?()A、Prestage a domain computer account for the new server in the appropriate OU. Join the server to the domain by using the prestaged computer account.B、On the server, add the domain name for the Active Directory domain to the DNS suffix setting. Join the server to the domain.C、Assign a user account the Allow - Create permission for the appropriate OU. Join the new server to the domain by using the user account.D、Join the new server to the Active Directory domain. On the new server, run the gpupdate /force command.
Your company has an Active Directory Domain Services (AD DS) domain that includes an AD security group named Development. You have a member server that runs Windows Server 2008 R2 with the Hyper-V role installed. You need to ensure that Development group members can only manage virtual machines (VMs). Development group members must not have administrative privileges on the host server. What should you use?()A、Authorization ManagerB、Local Users and GroupsC、the net localgroup commandD、Active Directory Administrative Center
You are the administrator of an Active Directory domain named A user reports that he cannot log on to a Windows Server 2003 computer that contains a critical application. You discover that the organizational unit (OU) in which the server is located was deleted. You discover that the user rights for this server are controlled by Group Policy. You need to restore access to the server. You need to achieve this goal by using the minimum amount of administrative effort. What should you do?()A、Perform a normal restoration of the System State data for the domain controller. Force replication.B、Perform an authoritative restoration of the System State data for the domain controller. Mark the OU for replication.C、Re-create the OU that was deleted. Reapply Group Policy, and then add the computer account and any necessary users or groups.D、Perform an Automated System Recovery (ASR) restoration on the domain controller.
You are the network administrator for . Your network consists of a single Active Directory domain named . All network servers run Windows Server 2003, and all client computers run Windows XP Professional. You install a new file and print server named File1. You configure standard company policies and other local options. You use third-party software to create and save an image of the server. Then you join File1 to the domain. Six weeks later, you reapply the saved image to File1 and restart the server. You try to log on to the domain by using domain credentials. However, you are unsuccessful. You need to log on to File1 and re-establish its domain membership. Your solution must require the minimum amount of administrative effort. Which two actions should you perform? ()(Each correct answer presents part of the solution. Choose two)A、Reset the computer account for File1 in Active Directory Users and Computers.B、Reset the password for Administrator account by logging on locally to File1 as a member of the local Power Users group.C、Reinstall and reconfigure File1.D、Join File1 to the domain.E、Remove File1 from the domain.
As an administrator at Certkiller.com, you have installed an Active Directory forest that has a single domain. You have installed an Active Directory Federation services (AD FS) on the domain member server. What should you do to configure AD FS to make sure that AD FS token contains information from the active directory domain()A、Add a new account store and configure it.B、Add a new resource partner and configure itC、Add a new resource store and configure itD、Add a new administrator account on AD FS and configure itE、None of the above
Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). The domain contains a member server named Server1. Server1 is a file server. You accidentally delete the computer account for Server1 from the domain. You need to ensure that users can access the file shares on Server1 by using their domain user accounts. You must achieve this goal by using the minimum amount of administrative effort. What should you do? ()A、On Server1, run the Netdom reset command.B、On Server1, add the computer to a workgroup and then add the computer to the domain. Restart Server1.C、From Active Directory Users and Computers, create a new computer account named Server1 in the domain. Restart Server1.D、On a domain controller, perform an authoritative restore in Active Directory for the Server1 computer account. Restart Server1.
You are a database administrator of two SQL Server 2005 computers named SQL1 and SQL2. You have a Microsoft .NET application that has been modified so that it now accesses a database on SQL2 in addition to SQL1. You do not want the user application to connect directly to SQL2. You need to enable the data retrieval from SQL2 while maintaining the ability to assign different permissions to different users who use the .NET application. What should you do?()A、Change the .NET application to define a new server connection to SQL2.B、Configure a linked server on SQL1 to point to SQL2.C、Configure a linked server on SQL2 to point to SQL1.D、Change the stored procedures called by the .NET application to include the OPENXML command.
You are a professional level SQL Server 2005 database administrator in an international corporation named Wiikigo. You are experienced in implementing high-availability solutions, monitoring the database server, and design deployment. In the company, you major job is the deployment, maintenance and support of Microsoft SQL Server 2005. You work as the administrator of a SQL Server 2005 computer, and the computer is named SQL1. Microsoft Windows Server 2003 is run by all servers. All the servers belong to a Microsoft Active Directory domain. According to the company written security policy, strong passwords are mandated for all domain, local, and application accounts. The company utilizes a Group Policy object (GPO) to deploy the proper domain password policy. MS-DOS-based or UNIX-based operating systems are run by many of the company’s computers. Varying levels of access to a database named Services on SQL1 is requested by the computers. Since you are the database administrator, you are required to confirm that the Services database can be accessed by these computers. And the company’s written security policy should not be violated. Which action should be performed by you?()A、A domain account should be created for each of the company’s users. And then, each domain account should be offered with access to SQL1 and the Services database.B、A local logon account should be created on SQL1 for each of the company’s users. And then, each logon account should be offered with access to SQL1 and the Services database.C、One SQL Server logon account should be created for all of the company’s computers running MS-DOS or UNIX-based operating systems. And then, the Enforce password policy option should be enabled for users’ accounts. At last, the logon accounts should be provided with access to the Services database.D、A SQL Server logon account should be created for each of the company’s users. And then, the Enforce password policy option should be enabled for each logon account. At last, each logon account should be offered with access to the Services database.E、A virtual directory should be configured through Internet Information Services (IIS) for access to SQL1. And then, users should be directed to the virtual directory for data access.
You are a database administrator for your company. You are configuring a new SQL Server 2005 computer named SQL1. SQL1 will run Reporting Services. It will also be configured to automatically perform database backups and other maintenance tasks. There are no other SQL Server computers in the network environment. All access to SQL1 will be made by using SQL1s DNS name. You need to disable any unnecessary services on SQL1. Which service or services should you disable?()A、Internet Information ServicesB、SQL Server BrowserC、SQL Server AgentD、Microsoft Distributed Transaction Coordinator
You have a Microsoft Hyper-V Server 2008 R2 server. You need to join the server to an existing Active Directory Domain Services (AD DS) domain. Which should you use?()A、ocsetupB、hvconfigC、sc configD、net config
单选题You have a computer that runs Windows XP Professional. The computer is a member of an Active Directory domain. A server administrator installs and shares a new printer on a server that runs Windows Server 2003. You need to configure the computer to print to the new printer. What should you do?()AFrom the computer, install a local printer.BFrom the computer, install a network printer. CFrom the Active Directory domain, add the computer account for the Windows XP Professional computer to the Print Operators group. DFrom the Windows Server 2003 server, add the computer account for the Windows XP Professional computer to the Print Operators group.
单选题You are the administrator of a Microsoft Windows Server 2003 computer named SQL1. SQL1 runs SQL Server 2005 and is a member of a Microsoft Active Directory domain named Contoso.com. The domain is configured with all of the default settings. Several members of the information security team have requested access to SQL1. The information security team uses the Microsoft Windows XP Professional, Linux, and Macintosh operating systems to perform vulnerability assessments. The information security team members ask you to create two new logon accounts for their use. They would like the logon accounts to have the following user names and passwords: User name/password for first account: pentest/P@ssw0rdUser name/password for second account: hacktest/password You need to provide the information security team with the requested access to SQL1. Which Transact-SQL script should you use?()ACREATE LOGIN pentestWITH PASSWORD = 'P@ssw0rd' CREATE LOGIN hacktestWITH PASSWORD = 'password'BCREATE LOGIN pentestWITH PASSWORD = 'P@ssw0rd' CREATE LOGIN hacktestWITH PASSWORD = 'password',CHECK_POLICY = OFFCCREATE LOGIN pentestWITH PASSWORD = 'P@ssw0rd' CREATE LOGIN hacktestWITH PASSWORD = 'password'[HASHED]DCREATE LOGIN [CONTOSO/pentest]FROM WINDOWS CREATE LOGIN [CONTOSO/hacktest]FROM WINDOWS
单选题Your network contains a single Active Directory domain. All servers on the network are members of the domain. You have a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). Server1 has two NTFS partitions. You create and share a folder named Data in the root of a partition on Server1. You log on to your computer by using the domain Administrator account and discover that you cannot modify files in the Data share. You need to ensure that the Administrator can modify files in the Data share. The solution must use the minimum amount of permissions. What should you do? ()AModify the NTFS permissions on the Data folder.BModify the share permissions on the Data share.CAdd the domain administrator to the local Administrator’s group on Server1.DMove the Data folder to a new file allocation table (FAT) partition. Share the folder by using the default permissions.
单选题Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). The domain contains a member server named Server1. Server1 is a file server. You accidentally delete the computer account for Server1 from the domain. You need to ensure that users can access the file shares on Server1 by using their domain user accounts. You must achieve this goal by using the minimum amount of administrative effort. What should you do? ()AOn Server1, run the Netdom reset command.BOn Server1, add the computer to a workgroup and then add the computer to the domain. Restart Server1.CFrom Active Directory Users and Computers, create a new computer account named Server1 in the domain. Restart Server1.DOn a domain controller, perform an authoritative restore in Active Directory for the Server1 computer account. Restart Server1.
多选题You are a database administrator for your company. You are configuring a new SQL Server 2005 computer named SQL1. SQL1 will run Reporting Services. It will also be configured to automatically perform database backups and other maintenance tasks. There are no other SQL Server computers in the network environment. All access to SQL1 will be made by using SQL1s DNS name. You need to disable any unnecessary services on SQL1. Which service or services should you disable?()AInternet Information ServicesBSQL Server BrowserCSQL Server AgentDMicrosoft Distributed Transaction Coordinator