单选题Your network contains a Web server named Server1 that runs Windows Server 2003 and Internet Information Server (IIS). Server1 has a server certificate from an Enterprise Certificate Authority (CA) installed. External users report that when they try to access the Web site from outside the corporate network by using a Web browser, they receive the following warning message: There is a problem with this Web sites security certificate. The security certificate presented by this Web site was not issued by a trusted certificate authority. You find that users onthe corporate network do not receive this error. You need to ensure that external users do not receive the warning message when connecting to Server1. What should you do?()AIn IIS Manager, enable the Enable client certificate mapping option.BIn IIS Manager, replace the certificate with a certificate obtained from a public Certification Authority.CIn Local Security Policy, enable Domain Member: Require strong (Windows 2000 or later) session key.DIn Local Security Policy, enable Domain Member: Digitally encrypt or sign secure channel data (always).
单选题
Your network contains a Web server named Server1 that runs Windows Server 2003 and Internet Information Server (IIS). Server1 has a server certificate from an Enterprise Certificate Authority (CA) installed. External users report that when they try to access the Web site from outside the corporate network by using a Web browser, they receive the following warning message: There is a problem with this Web sites security certificate. The security certificate presented by this Web site was not issued by a trusted certificate authority. You find that users onthe corporate network do not receive this error. You need to ensure that external users do not receive the warning message when connecting to Server1. What should you do?()
A
In IIS Manager, enable the Enable client certificate mapping option.
B
In IIS Manager, replace the certificate with a certificate obtained from a public Certification Authority.
C
In Local Security Policy, enable Domain Member: Require strong (Windows 2000 or later) session key.
D
In Local Security Policy, enable Domain Member: Digitally encrypt or sign secure channel data (always).
参考解析
解析:
暂无解析
相关考题:
our network contains a Web server named Server1 that runs Windows Server 2003 and Internet Information Server (IIS). Server1 has a server certificate from an Enterprise Certificate Authority (CA) installed.External users report that when they try to access the Web site from outside the corporate network by using a Web browser, they receive the following warning message: “There is a problem with this Web site’s security certificate. The security certificate presented by this Web site was not issued by a trusted certificate authority.” You find that users on the corporate network do not receive this error.You need to ensure that external users do not receive the warning message when connecting to Server1. What should you do?()A、In IIS Manager, enable the Enable client certificate mapping option. B、In IIS Manager, replace the certificate with a certificate obtained from a public Certification Authority. C、In Local Security Policy, enable Domain Member: Require strong (Windows 2000 or later) session key. D、In Local Security Policy, enable Domain Member: Digitally encrypt or sign secure channel data
Your network contains a Network Policy and Access Services server named Server1. All certificates in theorganization are issued by an enterprise certification authority (CA) named Server2. You have a standalonecomputer named Computer1 that runs Windows 7. Computer1 has a VPN connection that connects toServer1 by using SSTP. You attempt to establish the VPN connection to Server1 and receive the followingerror message: A certificate chain processed, but terminated in a root certificate which is not trusted by thetrust provider. You need to ensure that you can successfully establish the VPN connection to Server1. What should you do on Computer1?()A、Import the root certificate to the user s Trusted Publishers store.B、Import the root certificate to the computer s Trusted Root Certification Authorities store.C、Import the server certificate of Server1 to the user s Trusted Root Certification Authorities store.D、Import the server certificate of Server1 to the computer s Trusted Root Certification Authorities store.
Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). You have a server named Server1. Server1 is configured as an enterprise root certification authority (CA). You perform a complete backup of Server1 that includes the system state. Server1 fails. You install a new server named Server1. You need to recover the enterprise root CA. What should you do? ()A、Restore the system state backup.B、Restore the %systemroot%/system32/certsrv folder.C、From the Certificates snap-in, import the enterprise root CA certificate.D、From the Certificates snap-in, import the enterprise root CA certificate revocation list (CRL).
Your network contains a stand-alone certification authority (CA) and a Web server. The Web server hosts a secure Web site. The Web site uses a server certificate that was issued from the CA. Users report that they receive a certificate warning message when they connect to the Web site. You need to prevent users from receiving the certificate warning message when they connect to the Web site. What should you do from the Internet Options in Internet Explorer?() A、Import the CA certificate to the trusted root CA certificate store. B、Import the server authentication certificate to the trusted publishers certificate store.C、Clear the Check for publisher's certificate revocation check box. D、Clear the Require server verification (https:) for all sites in this zone check box for the Trusted sites zone.
Your network contains a Web server named Server1 that runs Windows Server 2003 and Internet Information Server (IIS). Server1 has a server certificate from an Enterprise Certificate Authority (CA) installed. External users report that when they try to access the Web site from outside the corporate network by using a Web browser, they receive the following warning message: There is a problem with this Web sites security certificate. The security certificate presented by this Web site was not issued by a trusted certificate authority. You find that users onthe corporate network do not receive this error. You need to ensure that external users do not receive the warning message when connecting to Server1. What should you do?()A、In IIS Manager, enable the Enable client certificate mapping option.B、In IIS Manager, replace the certificate with a certificate obtained from a public Certification Authority.C、In Local Security Policy, enable Domain Member: Require strong (Windows 2000 or later) session key.D、In Local Security Policy, enable Domain Member: Digitally encrypt or sign secure channel data (always).
Your network contains a Web server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). Server1 has one Web site. You configure Server1 to use a Web server certificate. Users report that they can access the Web site by using http://server1 and https://server1. You need to ensure that all traffic to, and from, Server1 is encrypted. What should you do?()A、In IIS Manager, enable the Require secure channel (SSL) option.B、In IIS Manager, enable the Digest authentication for Windows domain servers option.C、In Local Security Policy, enable Domain Member: Require strong (Windows 2000 or later) session key.D、In Local Security Policy, enable Domain Member: Digitally encrypt or sign secure channel data (always).
Your network contains an Active Directory forest. All domain controllers run Windows Server 2008 Standard. The functional level of the domain is Windows Server 2003. You have a certification authority (CA). The relevant servers in the domain are configured as shown in the following table: Server name Operating system Server role Server1 Windows Server 2003 Enterprise root CA Server2 Windows Server 2008 Enterprise subordinate CA Server3 Windows Server 2008 R2 Web Server You need to ensure that you can install the Active Directory Certificate Services (AD CS) Certificate Enrollment Web Service on the network. What should you do()A、Upgrade Server1 to Windows Server 2008 R2.B、Upgrade Server2 to Windows Server 2008 R2.C、Raise the functional level of the domain to Windows Server 2008.D、Install the Windows Server 2008 R2 Active Directory Schema updates.
You have a server named Server1 that has the following Active Directory Certificate Services (AD CS) role services installed: ( Enterprise root certification authority (CA) .Certificate Enrollment Web Service .Certificate Enrollment Policy Web Service You create a new certificate template. External users report that the new template is unavailable when they request a new certificate. You verify that all other templates are available to the external users. You need to ensure that the external users can request certificates by using the new template. What should you do on Server1()A、Run iisreset.exe /restart. B、Run gpupdate.exe /force. C、Run certutil.exe dspublish.D、Restart the Active Directory Certificate Services service.
Your network contains an Active Directory forest. All domain controllers run Windows Server 2008 Standard. The functional level of the domain is Windows Server 2003. You have a certification authority (CA). The relevant servers in the domain are configured as shown in the following table. Server name Operating system Server role Server1 Windows Server 2003 Enterprise root CA Server2 Windows Server 2008 Enterprise subordinate CA Server3 Windows Server 2008 R2 Web Server You need to ensure that you can install the Active Directory Certificate Services (AD CS) Certificate Enrollment Web Service on the network. What should you do()A、Upgrade Server1 to Windows Server 2008 R2.B、Upgrade Server2 to Windows Server 2008 R2.C、Raise the functional level of the domain to Windows Server 2008.D、Install the Windows Server 2008 R2 Active Directory Schema updates.
Your network contains a Web server named Server1 that runs Windows Server 2003 and Internet Information Server (IIS). Server1 has a server certificate from an Enterprise Certificate Authority (CA) installed.External users report that when they try to access the Web site from outside the corporate network by using a Web browser, they receive the following warning message: “There is a problem with this Web site’s security certificate. The security certificate presented by this Web site was not issued by a trusted certificate authority.” You find that users on the corporate network do not receive this error. You need to ensure that external users do not receive the warning message when connecting to Server1. What should you do?()A、In IIS Manager, enable the Enable client certificate mapping option.B、In IIS Manager, replace the certificate with a certificate obtained from a public Certification Authority.C、In Local Security Policy, enable Domain Member: Require strong (Windows 2000 or later) session key.D、In Local Security Policy, enable Domain Member: Digitally encrypt or sign secure channel data (always).
You are a security administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows 2000 Professional. You manage a Windows Server 2003 computer named Server1 that is a domain member server. You use IIS on Server1 to host an Internet Web site. Approximately 4,000 employees of your company connect over the lnternet to access company confidential data on Server1. You control access to data on Server1 by using NTFS file permissions assigned to groups. Different groups are assigned access to different files. Employees must have access only to files that they are assigned access to based on their membership in a group. You enable SSL on Server1 to protect confidential data while it is in transit. You issue each employee an Authenticated Session certificate and store a copy of that certificate with their user account in the Active Directory domain. You need to ensure that Server1 authenticates users based on possession of their certificate. What should you do?()A、 Request a Web server certificate from a commercial certification authority (CA).B、 Configure access restrictions based on employee ip address.C、 Enable Digest authentication for Windows domain servers.D、 Configure client certificate mapping.
You are the network administrator for The network consists of a single Active Directory domain named All servers run Windows Server 2003. One domain controller on the network is configured as a certification authority (CA). The network contains a Web server that runs IIS 6.0 and hosts a secure intranet site. The server also hosts other sites that do not require HTTPS. You configure a server certificate on the IIS server by using a certificate from your internal CA. All users are required to connect to the intranet site by using HTTPS. Some users report that they cannot connect to the secure intranet site by using HTTPS. You confirm that all users can connect to the nonsecure sites hosted on the Web server by using HTTP. You want to view the failed HTTPS requests. What should you do?()A、Review the log files created by IIS on the Web server.B、Review the security log in Event Viewer on the Web server.C、Review the security log in Event Viewer on the ca.D、Review the contents of the Failed Requests folder on the ca.
You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003.The network contains a Web server named Server1 that runs IIS 6.0 and hosts a secure Web site. The Web site is accessible from the intranet, as well as from the Internet. All users must authenticate when they connect to Server1. All users on the Internet must use a secure protocol to connect to the Web site. Users on the intranet do not need to use a secure protocol.You need verify that all users are using a secure protocol to connect to Server1 from the Internet. What are two possible ways to achieve this goal?()A、Monitor the events in the application log on Server1.B、Monitor the events in the security log on Server1.C、Monitor the Web server connections on Server1 by using a performance log.D、Monitor network traffic to Server1 by using Network Monitor.E、Monitor the IIS logs on Server1.
单选题You have two servers named Server1 and Server2. Both servers run Windows Server 2008. Server1 is configured as an enterprise root certification authority (CA). You install the Online Responder role service on Server2. You need to configure Server1 to support the Online Responder. What should you do()AImport the enterprise root CA certificate.BConfigure the Certificate Distribution Point (CDP) extension.CConfigure the Authority Information Access (AIA) extension.DAdd the Server2 computer account to the CertPublishers group.
单选题Your network contains a Terminal Services server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). Server1 has a server certificate from a trusted authority installed. All Terminal Services clients have the RDP client version 5.2 installed. You need to ensure that all Terminal Services connections to Server1 use Transport Layer Security. What should you do?()AIn Terminal Services Configuration, change the permissions for Remote Desktop Users to Full Control.BIn Terminal Services Configuration, change the security layer setting to Negotiate and set the encryption level to High.CIn Local Security Policy, enable Domain Member: Require strong (Windows 2000 or later) session key.DIn Local Security Policy, enable Domain Member: Digitally encrypt or sign secure channel data (always).
单选题Your network contains two servers named Server1 and Server2 that run Windows Server 2008 R2. Server1 has the Active Directory Federation Services (AD FS) Federation Service role service installed. You plan to deploy AD FS 2.0 on Server2. You need to export the token-signing certificate from Server1, and then import the certificate to Server2. Which format should you use to export the certificate()ABase-64 encoded X.509 (.cer)BCryptographic Message Syntax Standard PKCS #7 (.p7b)CDER encoded binary X.509 (.cer)DPersonal Information Exchange PKCS #12 (.pfx)
单选题Your network contains a Network Policy and Access Services server named Server1. All certificates in theorganization are issued by an enterprise certification authority (CA) named Server2. You have a standalonecomputer named Computer1 that runs Windows 7. Computer1 has a VPN connection that connects toServer1 by using SSTP. You attempt to establish the VPN connection to Server1 and receive the followingerror message: A certificate chain processed, but terminated in a root certificate which is not trusted by thetrust provider. You need to ensure that you can successfully establish the VPN connection to Server1. What should you do on Computer1?()AImport the root certificate to the user s Trusted Publishers store.BImport the root certificate to the computer s Trusted Root Certification Authorities store.CImport the server certificate of Server1 to the user s Trusted Root Certification Authorities store.DImport the server certificate of Server1 to the computer s Trusted Root Certification Authorities store.
单选题You have a server named Server1 that has the following Active Directory Certificate Services (AD CS) role services installed: ( Enterprise root certification authority (CA) .Certificate Enrollment Web Service .Certificate Enrollment Policy Web Service You create a new certificate template. External users report that the new template is unavailable when they request a new certificate. You verify that all other templates are available to the external users. You need to ensure that the external users can request certificates by using the new template. What should you do on Server1()ARun iisreset.exe /restart. BRun gpupdate.exe /force. CRun certutil.exe dspublish.DRestart the Active Directory Certificate Services service.
单选题Your network contains a Web server named Server1 that runs Windows Server 2003 and Internet Information Server (IIS). Server1 has a server certificate from an Enterprise Certificate Authority (CA) installed. External users report that when they try to access the Web site from outside the corporate network by using a Web browser, they receive the following warning message: There is a problem with this Web sites security certificate. The security certificate presented by this Web site was not issued by a trusted certificate authority. You find that users onthe corporate network do not receive this error. You need to ensure that external users do not receive the warning message when connecting to Server1. What should you do?()AIn IIS Manager, enable the Enable client certificate mapping option.BIn IIS Manager, replace the certificate with a certificate obtained from a public Certification Authority.CIn Local Security Policy, enable Domain Member: Require strong (Windows 2000 or later) session key.DIn Local Security Policy, enable Domain Member: Digitally encrypt or sign secure channel data (always).
单选题Your network contains a Web server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). Server1 has one Web site. You configure Server1 to use a Web server certificate. Users report that they can access the Web site by using http://server1 and https://server1. You need to ensure that all traffic to, and from, Server1 is encrypted. What should you do?()AIn IIS Manager, enable the Require secure channel (SSL) option.BIn IIS Manager, enable the Digest authentication for Windows domain servers option.CIn Local Security Policy, enable Domain Member: Require strong (Windows 2000 or later) session key.DIn Local Security Policy, enable Domain Member: Digitally encrypt or sign secure channel data (always).
单选题our network contains a Web server named Server1 that runs Windows Server 2003 and Internet Information Server (IIS). Server1 has a server certificate from an Enterprise Certificate Authority (CA) installed.External users report that when they try to access the Web site from outside the corporate network by using a Web browser, they receive the following warning message: “There is a problem with this Web site’s security certificate. The security certificate presented by this Web site was not issued by a trusted certificate authority.” You find that users on the corporate network do not receive this error.You need to ensure that external users do not receive the warning message when connecting to Server1. What should you do?()AIn IIS Manager, enable the Enable client certificate mapping option. BIn IIS Manager, replace the certificate with a certificate obtained from a public Certification Authority. CIn Local Security Policy, enable Domain Member: Require strong (Windows 2000 or later) session key. DIn Local Security Policy, enable Domain Member: Digitally encrypt or sign secure channel data
单选题Your network contains an Active Directory forest. All domain controllers run Windows Server 2008 Standard. The functional level of the domain is Windows Server 2003. You have a certification authority (CA). The relevant servers in the domain are configured as shown in the following table. Server name Operating system Server role Server1 Windows Server 2003 Enterprise root CA Server2 Windows Server 2008 Enterprise subordinate CA Server3 Windows Server 2008 R2 Web Server You need to ensure that you can install the Active Directory Certificate Services (AD CS) Certificate Enrollment Web Service on the network. What should you do()AUpgrade Server1 to Windows Server 2008 R2.BUpgrade Server2 to Windows Server 2008 R2.CRaise the functional level of the domain to Windows Server 2008.DInstall the Windows Server 2008 R2 Active Directory Schema updates.
单选题Your network contains an Active Directory forest. All domain controllers run Windows Server 2008 Standard. The functional level of the domain is Windows Server 2003. You have a certification authority (CA). The relevant servers in the domain are configured as shown in the following table: Server name Operating system Server role Server1 Windows Server 2003 Enterprise root CA Server2 Windows Server 2008 Enterprise subordinate CA Server3 Windows Server 2008 R2 Web Server You need to ensure that you can install the Active Directory Certificate Services (AD CS) Certificate Enrollment Web Service on the network. What should you do()AUpgrade Server1 to Windows Server 2008 R2.BUpgrade Server2 to Windows Server 2008 R2.CRaise the functional level of the domain to Windows Server 2008.DInstall the Windows Server 2008 R2 Active Directory Schema updates.
单选题Your network contains a Web server named Server1 that runs Windows Server 2003 and Internet Information Server (IIS). Server1 has a server certificate from an Enterprise Certificate Authority (CA) installed.External users report that when they try to access the Web site from outside the corporate network by using a Web browser, they receive the following warning message: “There is a problem with this Web site’s security certificate. The security certificate presented by this Web site was not issued by a trusted certificate authority.” You find that users on the corporate network do not receive this error. You need to ensure that external users do not receive the warning message when connecting to Server1. What should you do?()AIn IIS Manager, enable the Enable client certificate mapping option.BIn IIS Manager, replace the certificate with a certificate obtained from a public Certification Authority.CIn Local Security Policy, enable Domain Member: Require strong (Windows 2000 or later) session key.DIn Local Security Policy, enable Domain Member: Digitally encrypt or sign secure channel data (always).
单选题Your network contains a stand-alone root certification authority (CA). You have a server named Server1 that runs Windows Server 2008 R2. You issue a server certificate to Server1. You deploy Secure Socket Tunneling Protocol (SSTP) on Server1. You need to recommend a solution that allows external partner computers to access internalnetwork resources by using SSTP. What should you recommend?()AEnable Network Access Protection (NAP) on the network.BDeploy the Root CA certificate to the external computers.CImplement the Remote Desktop Connection Broker role service.DConfigure the firewall to allow inbound traffic on TCP Port 1723.
单选题Your network contains a stand-alone certification authority (CA) and a Web server. The Web server hosts a secure Web site. The Web site uses a server certificate that was issued from the CA. Users report that they receive a certificate warning message when they connect to the Web site. You need to prevent users from receiving the certificate warning message when they connect to the Web site. What should you do from the Internet Options in Internet Explorer?()AImport the CA certificate to the trusted root CA certificate store. BImport the server authentication certificate to the trusted publishers certificate store.CClear the Check for publisher's certificate revocation check box. DClear the Require server verification (https:) for all sites in this zone check box for the Trusted sites zone.
单选题You are the network administrator for The network consists of a single Active Directory domain named All servers run Windows Server 2003. One domain controller on the network is configured as a certification authority (CA). The network contains a Web server that runs IIS 6.0 and hosts a secure intranet site. The server also hosts other sites that do not require HTTPS. You configure a server certificate on the IIS server by using a certificate from your internal CA. All users are required to connect to the intranet site by using HTTPS. Some users report that they cannot connect to the secure intranet site by using HTTPS. You confirm that all users can connect to the nonsecure sites hosted on the Web server by using HTTP. You want to view the failed HTTPS requests. What should you do?()AReview the log files created by IIS on the Web server.BReview the security log in Event Viewer on the Web server.CReview the security log in Event Viewer on the ca.DReview the contents of the Failed Requests folder on the ca.
单选题You are a security administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows 2000 Professional. You manage a Windows Server 2003 computer named Server1 that is a domain member server. You use IIS on Server1 to host an Internet Web site. Approximately 4,000 employees of your company connect over the lnternet to access company confidential data on Server1. You control access to data on Server1 by using NTFS file permissions assigned to groups. Different groups are assigned access to different files. Employees must have access only to files that they are assigned access to based on their membership in a group. You enable SSL on Server1 to protect confidential data while it is in transit. You issue each employee an Authenticated Session certificate and store a copy of that certificate with their user account in the Active Directory domain. You need to ensure that Server1 authenticates users based on possession of their certificate. What should you do?()A Request a Web server certificate from a commercial certification authority (CA).B Configure access restrictions based on employee ip address.C Enable Digest authentication for Windows domain servers.D Configure client certificate mapping.