Your company has an Active Directory directory service domain. All servers run Windows Server 2003. All domain controllers are configured to audit specific events. You are developing a security monitoring plan for the domain controllers. You must back up the following information. Local logon attemptsDomain logon attemptsSecurity update installation attempts You need to specify the appropriate log files to back up. Which files should you specify? ()A、 AppEvent.Evt and NTDS.EvtB、 NTDS.Evt and SecEvent.EvtC、 SecEvent.Evt and SysEvent.EvtD、 AppEvent.Evt and SysEvent.Evt
Your company has an Active Directory directory service domain. All servers run Windows Server 2003. All domain controllers are configured to audit specific events. You are developing a security monitoring plan for the domain controllers. You must back up the following information. Local logon attemptsDomain logon attemptsSecurity update installation attempts You need to specify the appropriate log files to back up. Which files should you specify? ()
- A、 AppEvent.Evt and NTDS.Evt
- B、 NTDS.Evt and SecEvent.Evt
- C、 SecEvent.Evt and SysEvent.Evt
- D、 AppEvent.Evt and SysEvent.Evt
相关考题:
Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003. Client computers run Windows XP or Windows Vista. You plan to create a security update scan procedure for client computers. You need to choose a security tool that supports all the client computers. Which tool should you choose? ()A、 UrlScan Security ToolB、 Enterprise Scan Tool (EST)C、 Malicious Removal Tool (MRT)D、 Microsoft Baseline Security Analyzer (MBSA)
Your network consists of a single Active Directory domain that has three Active Directory sites. Each site contains two Active Directory domain controllers. All domain controllers run Windows Server 2003 Service Pack 2 (SP2). All domain controllers have Windows Support Tools installed. You need to verify the replication status of Active Directory. Which tool should you use?()A、Active Directory Sites and ServicesB、Nltest.exeC、Network MonitorD、Replmon.exe
Your company has an Active Directory directory service domain. All servers run Windows Server 2003. You are developing a security monitoring plan. You must monitor the files that are stored in a specific directory on a member server. You have the following requirements. Log all attempts to access the files.Retain log information until the full weekly backup occurs. You need to ensure that the security monitoring plan meets the requirements. What should your plan include?()A、 Configure a directory service access audit policy. Increase the maximum size of the security log.B、 Configure a directory service access audit policy. Set the system log to overwrite events older than 7 days.C、 Configure an object access audit policy for the directory. Increase the maximum size of the system log.D、 Configure an object access audit policy for the directory. Set the security log to overwrite events older than 7 days.
Your network consists of a single Active Directory domain that has three Active Directory sites. Each site contains two Active Directory domain controllers. All domain controllers run Windows Server 2003 Service Pack 2 (SP2). All domain controllers have Windows Support Tools installed. You need to verify the replication status of Active Directory. Which tool should you use?()A、Active Directory Sites and Services B、Nltest.exe C、Network Monitor D、Replmon.exe
Your company has a single Active Directory directory service forest with multiple domains. The Schema FSMO role is held by one of the domain controllers in the forest root domain. The DomainThe safer , easier way to help you pass any IT exams. Naming Master FSMO role is held by one of the domain controllers in a child domain. All domain controllers have Windows Server 2003 installed. You need to upgrade all domain controllers to Windows Server 2003 R2. Which two actions should you perform?()A、 Run the adprep /forestprep command in the forest root domain.B、 Run the adprep /forestprep command in all the child domains.C、 Run the adprep /domainprep command in all the child domains only.D、 Run the adprep /domainprep command in all domains.
Your network consists of a single Active Directory domain. The domain contains 10 domain controllers. The domain controllers run Windows Server 2008 and are configured as DNS servers. You plan to create a new Active Directory-integrated zone. You need to ensure that the new zone is only replicated to four of your domain controllers. What should you do first()A、Create a new delegation in the ForestDnsZones application directory partition.B、Create a new delegation in the DomainDnsZones application directory partition.C、From the command prompt, run dnscmd and specify the /enlistdirectorypartition parameter.D、From the command prompt, run dnscmd and specify the /createdirectorypartition parameter.
Your company has a main office and ten branch offices. Your network consists of a single domain Active Directory forest. An Active Directory site exists for each office. The main office contains five domain controllers that run Windows Server 2008 (x64). Each branch office contains one read-only domain controller (RODC) that runs Windows Server 2008(x86). All domain controllers are configured as global catalog servers. You plan to deploy one Exchange Server 2010 server in each site. You need to recommend changes to Active Directory to support the planned deployment. The solution must ensure that Exchange servers in each branch-office site connect to their local domain controllers. What should you recommend?()A、Implement a DNS zone for each office.B、Change all RODCs to Windows Server 2008 (x64) RODCs.C、Implement a writable domain controller in each branch office.D、Disable site link bridging for the forest and configure Exchange-specific costs.
You have a single Active Directory domain. All domain controllers run Windows Server 2003 with Service Pack 1 (SP1). You plan to store Windows BitLocker Drive Encryption recovery passwords in Active Directory. You need to recommend the solution that uses the least amount of administrative effort. What should you recommend?()A、Extend the Active Directory schema.B、Upgrade all domain controllers to Windows Server 2008 R2.C、Upgrade all domain controllers to Windows Server 2003 SP2.D、Upgrade the domain controller that has the role of operations master to Windows Server 2008 R2.
Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2008 R2. The Audit account management policy setting and Audit directory services access setting are enabled for the entire domain. You need to ensure that changes made to Active Directory objects can be logged. The logged changes must include the old and new values of any attributes. What should you do()A、Enable the Audit account management policy in the Default Domain Controller Policy.B、Run auditpol.exe and then configure the Security settings of the Domain Controllers OU.C、Run auditpol.exe and then enable the Audit directory service access setting in the Default Domain policy.D、From the Default Domain Controllers policy, enable the Audit directory service access setting and enable directory
Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003. You have a stand-alone server that serves as a Stand-alone root certification authority (CA). You need to ensure that a specific user can back up the CA and configure the audit parameters on the CA. What should you do?()A、 Assign the user account to the CA Admin role.B、 Add the user account to the local Administrators group.C、 Grant the user the Back up files and directories user right.D、 Grant the user the Manage auditing and security log user right.
Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2008 R2. You need to plan an auditing strategy that meets the following requirements: èAudits all changes to Active Directory Domain Services (AD?DS) èStores all auditing data in a central location. What should you include in your plan?()A、Configure an audit policy for the domain. Configure Event Forwarding.B、Configure an audit policy for the domain controllers. Configure Data Collector Sets.C、Implement Windows Server Resource Manager (WSRM) in managing mode.D、Implement Windows Server Resource Manager (WSRM) in accounting mode.
Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2008 R2. The Audit account management policy setting and Audit directory services access setting are enabled for the entire domain. You need to ensure that changes made to Active Directory objects can be logged. The logged changes must include the old and new values of any attributes. What should you do()A、Enable the Audit account management policy in the Default Domain Controller Policy.B、Run auditpol.exe and then configure the Security settings of the Domain Controllers OU.C、Run auditpol.exe and then enable the Audit directory service access setting in the Default Domain policy.D、From the Default Domain Controllers policy, enable the Audit directory service access setting and enable directory service changes.
Your company has a single Active Directory domain. All domain controllers run Windows Server 2003. You install Windows Server 2008 R2 on a server. You need to add the new server as a domain controller in your domain. What should you do first()A、On the new server, run dcpromo /adv.B、On the new server, run dcpromo /createdcaccount.C、On a domain controller run adprep /rodcprep.D、On a domain controller, run adprep /forestprep.
Your company has a single Active Directory directory service domain. Servers in your environment run Windows Server 2003. Client computers run Windows XP or Windows Vista. You plan to create an internal centrally managed security update infrastructure for client computers. You need to choose a security update management tool that supports all the client computers. Which tool should you choose? ()A、 Microsoft Assessment and Planning (MAP) ToolkitB、 Microsoft Baseline Security AnalyzerC、 Microsoft System Center Operations ManagerD、 Windows Server Update Services (WSUS)
Your network consists of an Active Directory forest that contains one domain. All domain controllers run Windows Server 2008 R2 and are configured as DNS servers. You have an Active Directory-integrated zone. You have two Active Directory sites. Each site contains five domain controllers. You add a new NS record to the zone. You need to ensure that all domain controllers immediately receive the new NS record. What should you do()A、From the DNS Manager console, reload the zone.B、From the Services snap-in, restart the DNS Server service.C、From the command prompt, run repadmin /syncall.D、From the DNS Manager console, increase the version number of the SOA record.
You are the network administrator for your company. The network consists of a single Active Directory domain. All domain controllers run Windows Server 2003. All client computers run Windows XP Professional. The company has legacy applications that run on UNIX servers. The legacy applications use the LDAP protocol to query Active Directory for employee information. The domain controllers are currently configured with the default security settings. You need to configure enhanced security for the domain controllers. In particular, you want to configure stronger password settings, audit settings, and lockout settings. You want to minimize interference with the proper functioning of the legacy applications. You decide to use the predefined security templates. You need to choose the appropriate predefined security template to apply to the domain controllers. What should you do?()A、 Apply the Setup security.inf template to the domain controllers.B、 Apply the DC security.inf template to the domain controllers.C、 Apply the Securedc.inf template to the domain controllers.D、 Apply the Rootsec.inf template to the domain controllers.
Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2003 You upgrade all domain controllers to Windows Server 2008 You need to configure the Active Directory environment to support the application of multiple password policies What should you do()A、Create multiple Active Directory sites.B、On all domain controllers, run dcpromo /adv.C、On one domain controller, run dcpromo /adv.D、Raise the functional level of the domain to Windows Server 2008.
单选题Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2008 R2. The Audit account management policy setting and Audit directory services access setting are enabled for the entire domain. You need to ensure that changes made to Active Directory objects can be logged. The logged changes must include the old and new values of any attributes. What should you do()AEnable the Audit account management policy in the Default Domain Controller Policy.BRun auditpol.exe and then configure the Security settings of the Domain Controllers OU.CRun auditpol.exe and then enable the Audit directory service access setting in the Default Domain policy.DFrom the Default Domain Controllers policy, enable the Audit directory service access setting and enable directory service changes.
单选题Your network consists of a single Active Directory domain that has three Active Directory sites. Each site contains two Active Directory domain controllers. All domain controllers run Windows Server 2003 Service Pack 2 (SP2). All domain controllers have Windows Support Tools installed. You need to verify the replication status of Active Directory. Which tool should you use?()AActive Directory Sites and ServicesBNltest.exeCNetwork MonitorDReplmon.exe
单选题Your network consists of a single Active Directory domain that has three Active Directory sites. Each site contains two Active Directory domain controllers. All domain controllers run Windows Server 2003 Service Pack 2 (SP2). All domain controllers have Windows Support Tools installed. You need to verify the replication status of Active Directory. Which tool should you use?()AActive Directory Sites and Services BNltest.exe CNetwork Monitor DReplmon.exe
单选题Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003. Client computers run Windows XP or Windows Vista. You plan to create a security update scan procedure for client computers. You need to choose a security tool that supports all the client computers. Which tool should you choose? ()A UrlScan Security ToolB Enterprise Scan Tool (EST)C Malicious Removal Tool (MRT)D Microsoft Baseline Security Analyzer (MBSA)
单选题Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003. All domain controllers run Active DirectoryCintegrated DNS. You create several static host (A) resource records. You need to verify that the DNS server is sending the correct host records to all client computers. Which command-line tool should you use?()A netshB tracertC ntdsutilD nslookup
单选题Your company has an Active Directory directory service domain. All servers run Windows Server 2003. All domain controllers are configured to audit specific events. You are developing a security monitoring plan for the domain controllers. You must back up the following information. Local logon attemptsDomain logon attemptsSecurity update installation attempts You need to specify the appropriate log files to back up. Which files should you specify? ()A AppEvent.Evt and NTDS.EvtB NTDS.Evt and SecEvent.EvtC SecEvent.Evt and SysEvent.EvtD AppEvent.Evt and SysEvent.Evt
单选题Your company has a single Active Directory domain. All domain controllers run Windows Server 2003. You install Windows Server 2008 R2 on a server. You need to add the new server as a domain controller in your domain. What should you do first()AOn the new server, run dcpromo /adv.BOn the new server, run dcpromo /createdcaccount.COn a domain controller run adprep /rodcprep.DOn a domain controller, run adprep /forestprep.
单选题Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003. You have a stand-alone server that serves as a Stand-alone root certification authority (CA). You need to ensure that a specific user can back up the CA and configure the audit parameters on the CA. What should you do?()A Assign the user account to the CA Admin role.B Add the user account to the local Administrators group.C Grant the user the Back up files and directories user right.D Grant the user the Manage auditing and security log user right.
单选题Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2008 R2. The Audit account management policy setting and Audit directory services access setting are enabled for the entire domain. You need to ensure that changes made to Active Directory objects can be logged. The logged changes must include the old and new values of any attributes. What should you do()AEnable the Audit account management policy in the Default Domain Controller Policy.BRun auditpol.exe and then configure the Security settings of the Domain Controllers OU.CRun auditpol.exe and then enable the Audit directory service access setting in the Default Domain policy.DFrom the Default Domain Controllers policy, enable the Audit directory service access setting and enable directory
单选题Your company has a single Active Directory directory service domain. Servers in your environment run Windows Server 2003. Client computers run Windows XP or Windows Vista. You plan to create an internal centrally managed security update infrastructure for client computers. You need to choose a security update management tool that supports all the client computers. Which tool should you choose? ()A Microsoft Assessment and Planning (MAP) ToolkitB Microsoft Baseline Security AnalyzerC Microsoft System Center Operations ManagerD Windows Server Update Services (WSUS)