Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003. Client computers run Windows XP or Windows Vista. You plan to create a security update scan procedure for client computers. You need to choose a security tool that supports all the client computers. Which tool should you choose? ()A、 UrlScan Security ToolB、 Enterprise Scan Tool (EST)C、 Malicious Removal Tool (MRT)D、 Microsoft Baseline Security Analyzer (MBSA)
You are the network administrator for . The network consists of a single Active Directory domain. All domain controllers run Windows Server 2003, and all client computers run Windows XP Professional. TestKing acquires a subsidiary. You receive a comma delimited file that contains the names of all user accounts at the subsidiary. You need to import these accounts into your domain. Which command should you use?()A、ldifdeB、csvdeC、ntdsutil with the authoritative restore optionD、dsadd user
You are the network administrator for The network consists of a single Active Directory domain named All network servers run Windows Server 2003. All client computers run Windows XP Professional, and all client computer objects are store din the Clients organizational unit (OU). Client computers receive critical security patches from servers at Microsoft. A server named Testking1 runs Software Update Services (SUS). You enable Testking1 to obtain and store security patches for distribution on the internal network. Now you need to ensure that all client computers receive future security patches from Testking1 only. You open the Group Policy object (GPO) for the Clients OU. Which setting should you configure?()A、Computer Configuration/Software Settings/Software InstallationB、User Configuration/Software Settings/Software InstallationC、Computer Configuration/Administrative Templates/Windows Components/Windows InstallerD、User Configuration/Administrative Templates/Windows Components/Windows InstallerE、Computer Configuration/Administrative Templates/Windows Components/Windows UpdateF、User Configuration/Administrative Templates/Windows Components/Windows Update
You are the network administrator for Your network consists of a single Active Directory domain named All network servers run Windows Server 2003. All client computers run Windows XP Professional. TK1 is your global catalog server. TK2 runs Software Update Services (SUS). The Set Options console on TK2 uses all default settings. You configure the client computers to access the service on TK1 and TK2. Three months later, Microsoft releases a critical security update for Windows XP Professional. From a test client computer, you use Windows Update to download the update. You test the update and receive no error messages. Now you need to deploy the update to all client computers as quickly as possible. You must ensure that the update is not deployed to any servers. Which two actions should you perform? ()(Each correct answer presents part of the solution. Choose two)A、On TK1, configure the Default Domain Group Policy object (GPO) to distribute the security update.B、On TK1, initiate replication.C、On TK2, initiate synchronization.D、On TK2, approve the security update.
You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. You need to update six high-visibility servers with critical updates by using Windows Server Update Services (WSUS). You approve all of the updates. You need to ensure that the updates are applied within one hour. What should you do?()A、On the WSUS server, type the gpupdate /force command at the command prompt.B、On the WSUS server, type the wuauclt /detectnow command at the command prompt.C、On each of the six servers, type the gpupdate /force command at the command prompt.D、On each of the six servers, type the wuauclt /detectnow command at the command prompt.
You are a security administrator for your company. All servers run Windows Server 2003. All client computers run Windows XP Professional. You install Software Update Services (SUS) on a server named Server1. The company’s written security policy states that all updates must be tested and approved before they are installed on network computers. You need to ensure that SUS uses the minimum amount of disk space on Server1. What should you do?()A、 Configure Server1 to redirect client computers to the Microsoft Windows Update servers.B、 Compress the folder in which the downloaded updates are stored.C、 Configure Server1 to store only the locales that are needed.D、 Download the updates, and then delete updates that are not approved for client computers.
ou are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional.Two of the servers on the network contain highly confidential documents. The company’s written security policy states that all network connections with these servers must be encrypted by using an IPSec policy.You place the two servers in an organizational unit (OU) named SecureServers. You configure a Group Policy object (GPO) that requires encryption for all connections. You assign the GPO to the SecureServers OU. You need to verify that users are connecting to the two servers by using encrypted connections. What should you do?()A、Run the net view command.B、Run the gpresult command.C、Use the IP Security Monitor console.D、Use the IPSec Policy Management console.
You are the network administrator for The network consists of a single Active Directory domain named All servers run Windows Server 2003. All client computers run Windows XP Professional. You install Software Update Services (SUS) on a network server named Testking1. When you attempt to synchronize Testking1 with the Windows Update servers, you receive an error message. You suspect that your proxy server requires authentication. You open Internet Explorer and verify that you can communicate with an external Web site by using the proxy server. You need to ensure that Testking1 can communicate with the Windows Update servers. What should you do on Testking1?()A、Restart the IIS administration tool.B、Configure the Internet Explorer settings to bypass the proxy server.C、In the SUS options, configure authentication to the proxy server.D、Install the Microsoft Firewall Client.
You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional. You need to implement a new software update infrastructure. You discover that security patches, critical updates, and service packs have never been installed on any client computer on the network. You install Windows Server Update Services (WSUS) on a Windows Server 2003 computer named Server5. You synchronize and approve all of the current security patches, critical updates, and service packs. You need to ensure that all client computers receive all Microsoft security patches, critical updates, and service packs. Which two actions should you perform?()A、Open the WSUS console. Select the option to automatically approve WSUS updates.B、Install the Automatic Updates client on all client computers.C、Modify the Microsoft Update settings of the Default Domain Controller organizational unit (OU) Group Policy object (GPO) to point client computers to http ://server5.D、Modify the Microsoft Update settings of the Default Domain Policy Group Policy object (GPO) to point client computers to http: //server5.E、Open the WSUS console. Create a target group and assign all client computers to the group.
You are a network administrator for your company. All domain controllers run Windows Server 2003. The network contains 50 Windows 98 client computers, 300 Windows 2000 Professional computers, and 150 Windows XP Professional computers. According to the network design specification, the Kerberos version 5 authentication protocol must be used for all client computers on the internal network. You need to ensure that Kerberos version 5 authentication is used for all client computers on the internal network. What should you do? ()A、 On each domain controller, disable Server Message Block (SMB) signing and encryption of the secure channel traffic.B、 Replace all Windows 98 computers with new Windows XP Professional computers.C、 Install the Active Directory Client Extensions software on the Windows 98 computers.D、 Upgrade all Windows 98 computers to Windows NT Workstation 4.0.
You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional.You install Windows Server Update Services (WSUS) on a network server named Server1. When you attempt to synchronize Server1 with the Windows Update servers, you receive an error message. You open Internet Explorer and verify that you can communicate with an external Web site by using the proxy server. You need to ensure that Server1 can communicate with the Windows Update servers. What should you do on Server1?()A、Restart the IIS administration tool.B、Configure the Internet Explorer settings to bypass the proxy server.C、In the WSUS options, configure authentication to the proxy server.D、Install the ISA Firewall Client.
Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3). You install and configure Windows Server Update Services (WSUS) 3.0 on a server named Server1. You need to configure one client computer to check for software updates from Server1 every morning at 02:30. What should you do? ()A、On the client computer, run gpedit.msc and modify the Windows Update settings.B、On the client computer, open the Automatic Updates control panel applet and modify the Automatic Updates settings.C、On Server1, open the Update Services console and configure the Computers options.D、On Server1, open the Update Services console and configure the Synchronization Schedule options.
You are the network administrator for your company, which employs 1,500 users. The network consists of a single Active Directory domain. All network servers run Windows Server 2003. Most client computers run Windows XP Professional, and the rest run Windows NT 4.0 Workstation.Two terminal servers are available to network users. You install a new application on both terminal servers.Everyone who uses the new application to create data must save the data directly in a folder on the local hard disk.You need to ensure that client disk drives are always available when employees connect to the terminal servers.Which two actions should you perform? ()(Each correct answer presents part of the solution. Choose two.)A、Create a client connection object with default settings and deploy the object to each terminal server.B、Edit the RDP-Tcp properties by selecting the Connect client drives at logon option.C、Install NetMeeting on all client computers. Configure Remote Desktop Sharing.D、Install the default Windows 2000 Terminal Server Client software on the Windows NT 4.0 workstations.E、Install Remote Desktop Connection on the Windows NT 4.0 workstations.
You are the network administrator for your company. The network consists of a single Active Directory domain. All computers on the network are members of the domain. All servers run Windows Server 2003 and all client computers run Windows XP Professional. You are planning a security update infrastructure. You need to find out which computers are exposed to known vulnerabilities. You need to collect the information on existing vulnerabilities for each computer every night. You want this process to occur automatically. What should you do? ()A、 Schedule the secedit command to run every night.B、 Schedule the mbsacli.exe command to run every night.C、 Install Microsoft Baseline Security Analyzer (MBSA) on one of the servers. Configure Automatic Updates on all other computers to use that server.D、 Install Software Update Services (SUS) on one of the servers. Configure the SUS server to update every night.
You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional.You install and configure a single server to run Windows Server Update Services (WSUS). You configure the appropriate Group Policy settings to specify separate WSUS target groups for client and server computers. You need to ensure that computers automatically assign themselves to the correct computer group. What should you do?()A、In the WSUS console, configure Computer Options so that Use group policy or registry settings on computers is selected.B、In the WSUS console, configure Computer Options so that Use the Move Computers Task in Windows Server Update Services is selected.C、In the WSUS console, create the appropriate computer groups.D、Create organizational units (OUs) for each group.
You are the network administrator for The network consists of a single Active Directory domain named All servers run Windows Server 2003. All client computers run Windows 2000 Professional with Service Pack 4 or Windows XP Professional. You install Software Update Services (SUS) on a computer named TestKing1. You create a GPO that configures all client computers to receive their software update from TestKing1. One week later, you run Microsoft Baseline Security Analyzer (MBSA) on all client computers to find out whether all updates are being applied. You discover that all the Windows 2000 Professional client computer received updates, but the Windows XP Professional client computers do not receive updates. You verify that the GPO setting was applied on all Windows XP Professional computers. You need to ensure that the Windows XP Professional client computers receive their updates from TestKing1. What should you do?()A、Make all users of the Windows XP Professional client computers members of the Administrators local group.B、On all Windows XP Professional client computers, install Service Pack 1.C、On all Windows XP Professional client computers, restart Automatic Updates.D、On all Windows XP Professional client computers, delete the NoAutoUpdate value under HKEY_LOCAL_MACHINE/SOFTWARE/Policies/Microsoft/Windows/WindowsUpdate/AU.
You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run either Windows 2000 Professional with Service Pack 4 or Windows XP Professional. You install Windows Server Update Services (WSUS) on a computer named Server2. You create a Group Policy object (GPO) that configures all client computers to receive software updates from Server2. One week later, you run Microsoft Baseline Security Analyzer (MBSA) on all client computers to find out whether all updates are being applied. You discover that all of the Windows 2000 Professional client computers receive updates, but the Windows XP Professional client computers do not receive updates. You verify that the GPO setting was applied on all Windows XP Professional computers. You need to ensure that the Windows XP Professional client computers receive their updates from Server2. What should you do?()A、Make all users of Windows XP Professional client computers members of the Administrators local group.B、On all Windows XP Professional client computers, install the latest service pack.C、On all Windows XP Professional client computers, use the gpupdate /force command.D、On all Windows XP Professional client computers, delete the NoAutoUpdate value under HKEY_LOCAL_MACHINE/SOFTWARE/Policies/Microsoft/Windows/WindowsUpdate/AU.
Your company has a single Active Directory directory service domain. Servers in your environment run Windows Server 2003. Client computers run Windows XP or Windows Vista. You plan to create an internal centrally managed security update infrastructure for client computers. You need to choose a security update management tool that supports all the client computers. Which tool should you choose? ()A、 Microsoft Assessment and Planning (MAP) ToolkitB、 Microsoft Baseline Security AnalyzerC、 Microsoft System Center Operations ManagerD、 Windows Server Update Services (WSUS)
You are a security administrator for your company. The network consists of a single Active Directory domain. All servers run Windows 2003 Server. All client computers run Windows XP Professional. All computers are configured to use Automatic Updates to install updates without user intervention. Updates are scheduled to occur during o peak hours. During a security audit,you notice some client computers are not receiving updates on a regular basis. You verify that Automatic Updates is running on All client computers, and you verify that users cannot modify the Automatic Updates settings. You need to ensure that computers on your network receive all updates. What should you do?()A、 Enable the No auto-restart for scheduled Automatic Updates installations setting.B、 Disable the Specify intranet Microsoft update service location setting.C、 Enable the Remove access to use all Windows Update features setting.D、 Enable the Reschedule Automatic Updates scheduled installations setting.
You are the network administrator for The network consists of a single Active Directory domain named Servers run either Windows 2000 Server or Windows Server 2003. Client computers run either Windows 2000 Professional Service Pack 2 or Windows XP Professional. You need to implement a new software update infrastructure. You discover that security patches, critical updates, and service packs have never been installed on any client computer on the network. You install Software Update Services (SUS) on a Windows Server 2003 computer named Testking5. You must ensure that all client computers receive all Microsoft security patches, critical updates, and service packs. You want to achieve this goal as quickly as possible. Which three actions should you perform? ()(Each correct answer presents part of the solution. Choose three)A、Install the Automatic Updates client on all Windows 2000 Professional client computers.B、Install the Automatic Updates client on all Windows XP Professional client computers.C、Install SUS on a Windows 2000 Server computer.D、Modify the Windows Update settings of the Default Domain Controller organizational unit (OU) Group Policy object (GPO) to point client computers to http://testking5.E、Modify the Windows Update settings of the Default Domain Policy Group Policy object (GPO) to point client computers to http://testking5.F、Upgrade all Windows 2000 Professional client computers to Windows XP Professional.
You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional with themost recent service pack. All client computers have computer accounts in an organizational unit (OU) named CompanyComputers. The company requires all computers to be kept up-to-date with service packs and hotfixes from Microsoft. Administrators will manually update servers as required. You need to configure the network so that client computers are automatically updated as new critical updates are issued. What are two possible ways to achieve this goal?()A、 Create a Group Policy object (GPO) linked to the domain. Configure the GPO so that client computers automatically download and install updates from Microsoft update servers from the Internet.B、 Create a Group Policy object (GPO) linked to the CompanyComputers OU. Configure the GPO so that client computers automatically download and install updates from Microsoft update servers from the Internet.C、 Create a Group Policy object (GPO) linked to the domain. Configure the GPO so that client computers automatically download and install updates from an internal server on which you install and configure Software Update Services.D、 Create a Group Policy object (GPO) linked to the CompanyComputers OU. Configure the GPO so that client computers automatically download and install updates from an internal server on which you install and configure Software Update Services.
多选题You are the network administrator for The network consists of a single Active Directory domain named All servers run Windows Server 2003. All client computers run Windows XP Professional. The company has offices in Berlin, Dortmund, and Frankfurt. Each office is configured as a separate IP subnet. DNS is the only method of name resolution on the network. You need to implement a software update infrastructure on the network. You install Software Update Services (SUS) on a computer named TestKing3 in the Berlin office. You install on TestKing3 with all default settings. You have no plans to install additional SUS servers. You configure all client computers appropriately. You must ensure that client computers can successfully connect to the SUS server. What should you do?()AConfigure the Internet browser home page on all client computers to point to http://windowsupdate.microsoft.com.BIn the SUS Administrator, configure the Server Name property to be the server's fully qualified domain name (FQDN).COpen IIS Manager and enable HTTP over SSL.DEnable communication over port 135 between all client computers and the SUS server.
单选题Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003. Client computers run Windows XP or Windows Vista. You plan to create a security update scan procedure for client computers. You need to choose a security tool that supports all the client computers. Which tool should you choose? ()A UrlScan Security ToolB Enterprise Scan Tool (EST)C Malicious Removal Tool (MRT)D Microsoft Baseline Security Analyzer (MBSA)
单选题You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional. A new low-priority update, Q318138, is released and is synchronized with the Windows Server Update Services (WSUS) server on the network. You decide to approve the update without testing. After the update is applied to client computers, users report that they can no longer run an accounting application.You need to remove the update from all client computers until you can test the update. What should you do?()AClear the Automatically approve new versions of previously approved updates option on the WSUS server. Resynchronize the server with the Windows Update server.BClear the update for approval on the WSUS server. Resynchronize the server with the Windows Update servers.CClear the update for approval on the WSUS server. Run the spuninst command from the Systemroot/$NtUninstallQ318138$/spuninst directory on each client computer.DClear the Automatically approve new versions of previously approved updates option on the WSUS server. Delete the Systemroot/$NtUninstallQ318138$ directory on each client computer.
单选题You are the network administrator for The network consists of a single Active Directory domain named All servers run Windows Server 2003. All client computers run Windows 2000 Professional with Service Pack 4 or Windows XP Professional. You install Software Update Services (SUS) on a computer named TestKing1. You create a GPO that configures all client computers to receive their software update from TestKing1. One week later, you run Microsoft Baseline Security Analyzer (MBSA) on all client computers to find out whether all updates are being applied. You discover that all the Windows 2000 Professional client computer received updates, but the Windows XP Professional client computers do not receive updates. You verify that the GPO setting was applied on all Windows XP Professional computers. You need to ensure that the Windows XP Professional client computers receive their updates from TestKing1. What should you do?()AMake all users of the Windows XP Professional client computers members of the Administrators local group.BOn all Windows XP Professional client computers, install Service Pack 1.COn all Windows XP Professional client computers, restart Automatic Updates.DOn all Windows XP Professional client computers, delete the NoAutoUpdate value under HKEY_LOCAL_MACHINE/SOFTWARE/Policies/Microsoft/Windows/WindowsUpdate/AU.
单选题ou are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional.Two of the servers on the network contain highly confidential documents. The company’s written security policy states that all network connections with these servers must be encrypted by using an IPSec policy.You place the two servers in an organizational unit (OU) named SecureServers. You configure a Group Policy object (GPO) that requires encryption for all connections. You assign the GPO to the SecureServers OU. You need to verify that users are connecting to the two servers by using encrypted connections. What should you do?()ARun the net view command.BRun the gpresult command.CUse the IP Security Monitor console.DUse the IPSec Policy Management console.
单选题Your company has a single Active Directory directory service domain. Servers in your environment run Windows Server 2003. Client computers run Windows XP or Windows Vista. You plan to create an internal centrally managed security update infrastructure for client computers. You need to choose a security update management tool that supports all the client computers. Which tool should you choose? ()A Microsoft Assessment and Planning (MAP) ToolkitB Microsoft Baseline Security AnalyzerC Microsoft System Center Operations ManagerD Windows Server Update Services (WSUS)