网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
单选题
In Windows server permissions, an implicit deny:()
A
denies all accounts except an administrator account.
B
will always result in a deny.
C
will be overridden by an explicit allow.
D
will lock the account out of the server.
参考答案
参考解析
解析:
暂无解析
更多 “单选题In Windows server permissions, an implicit deny:()A denies all accounts except an administrator account.B will always result in a deny.C will be overridden by an explicit allow.D will lock the account out of the server.” 相关考题
考题
In Windows server permissions, an implicit deny:()A、denies all accounts except an administrator account.B、will always result in a deny.C、will be overridden by an explicit allow.D、will lock the account out of the server.
考题
You are the network administrator for your company. All network servers run Windows Server 2003. All client computers run Windows XP Professional. A member server named Server1 is located at a branch office that does not permit the use of Remote Desktop Protocol. Another administrator uses the Backup utility to create a scheduled backup job on Server1. The backup job performs a normal backup of an application server. The application server is removed from the network. You need to use a client computer to remove the backup job from Server1. You cannot travel to the branch office. What should you do? ()A、Use the RUNAS feature to run the at /delete command as the Server1/Administrator account.B、Log on by using your Administrator account and run the ntbackup /D command.C、Log on by using your Administrator account and run the schtasks /delete command.D、Use the RUNAS feature to run the taskkill command as the Server1/Administrator account.
考题
As the Certkiller administrator you had installed a read-only domain controller (RODC) server at remote location. The remote location doesn’t provide enough physical security for the server. What should you do to allow administrative accounts to replicate authentication information to Read-Only Domain Controllers()A、Remove any administrative accounts from RODC’s groupB、Add administrative accounts to the domain Allowed RODC Password Replication groupC、Set the Deny on Receive as permission for administrative accounts on the RODC computer account security tab for the Group Policy Object (GPO)D、Configure a new Group Policy Object (GPO) with the Account Lockout settings enabled. Link the GPO to the remote location. Activate the Read Allow and the Apply group policy Allow permissions for the administrators on the Security tab for the GPO.E、None of the above
考题
Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3). You need to ensure that locked out user accounts remain locked out until an administrator unlocks the accounts. What should you do? ()A、In the Default Domain Policy, set the Account lockout duration to 0.B、In the Default Domain Policy, set the Account lockout duration to 99999.C、From Active Directory Users and Computers, select the Account is trusted for delegation option for all user accounts.D、From Active Directory Users and Computers, select the Account is sensitive and cannot be delegated option for all user accounts.
考题
An administrator needs to grant privileges to other server staff members to run archive utilities on adefault Windows installation. The administrator needs to set the minimum permissions to:()A、 remote users.B、 account operators.C、 server operators.D、 backup operators.
考题
You are the network administrator for your company. All network servers run Windows Server 2003. All client computers run Windows XP Professional. A member server named Server1 is located at a branch office that does not permit the use of Remote Desktop Protocol. Another administrator uses the Backup utility to create a scheduled backup job on Server1. The backup job performs a normal backup of an application server. The application server is removed from the network. You need to use a client computer to remove the backup job from Server1. You cannot travel to the branch office. What should you do?()A、Use the RUNAS feature to run the at /delete command as the Server1/Administrator account.B、Log on by using your Administrator account and run the ntbackup /D command.C、Log on by using your Administrator account and run the schtasks /delete command.D、Use the RUNAS feature to run the taskkill command as the Server1/Administrator account.
考题
You are an administrator at Certkiller .com. Certkiller has a RODC (read-only domain controller) server at a remote location. The remote location doesn’t have proper physical security. You need to activate non- administrative accounts passwords on that RODC server. Which of the following action should be considered to populate the RODC server with non-administrative accounts passwords()A、Delete all administrative accounts from the RODC’s groupB、Configure the permission to Deny on Receive for administrative accounts on the security tab for Group Policy Object (GPO)C、Configure the administrative accounts to be added in the Domain RODC Password Replication Denied groupD、Add a new GPO and enable Account Lockout settings. Link it to the remote RODC server and on the security tab on GPO, check the Read Allow and the Apply group policy permissions for the administrators.E、None of the above
考题
You are a security administrator for your company. The network consists of a single Active Directory domain. Servers run either Windows Server 2003 or Windows 2000 Server. All client computers run Windows XP Professional. The company’s written security policy states that user accounts must be locked if an unauthorized user attempts to guess the users, passwords. The current account policy locks out a user after two invalid password attempts in five minutes. The user remains locked out until the account is reset by an administrator. Users frequently call the help desk to have their account unlocked. Calls related to account lockout constitute 25 percent of help desk calls. You need to reduce the number of help desk calls related to account lockout. What should you do?()A、 Modify the Default Domain Controllers Policy Group Policy object(GPO). Increase the maximum lifetime for serviceB、 Modify the Default Domain Policy Group Policy object(GPO). Configure an account lockout threshold of 10.C、 Modify the Default Domain Controllers Policy Group Policy object(GPO). Disable the enforcement of user logon resD、 Modify the Default Domain Policy Group Policy object(GPO). Increase the minimum password age.
考题
You are the network administrator for All client computers run Windows 2000 Profession al. You recently deployed 10 new servers that run Windows Server 2003. You placed the servers in an new OU named W2K3Servers. Tess is another network administraror. You need to configure the appropriate permissions to allow Tess to manage the new servers by using Terminal Services from her client compueter. You need to assign Tess only the permissions she needs to perform her job. What should you do?()A、Add Tess's users account to the local Power Users group on each server that runs Windows Server 2003.B、Add Tess's users account to the Remote Desktop Users group on each server that runs Windows Server 2003.C、Assign Tess's user account the Allow - Read and the Allow - Write permissions for the W2K3Servers OU.D、Configure the Managed By property for the W2K2Servers Out to Tess's user account.
考题
You are the network administrator for TestKing.com. The network consists of a single Active Directory domain named testking.com. All network servers run Windows Server 2003. You place computer accounts for servers in OUs that are organized by server roles. You apply GPOs to these servers at the OU level. You need to add a new server to the domain. You need to ensure that the appropriate GPOs are applied to this server. What should you do?()A、Prestage a domain computer account for the new server in the appropriate OU. Join the server to the domain by using the prestaged computer account.B、On the server, add the domain name for the Active Directory domain to the DNS suffix setting. Join the server to the domain.C、Assign a user account the Allow - Create permission for the appropriate OU. Join the new server to the domain by using the user account.D、Join the new server to the Active Directory domain. On the new server, run the gpupdate /force command.
考题
You are the network administrator for The network consists of a single Activev Directory domain named . All network servers run Windows Server 2003. purchases a new server to test applications in a stand-alone environment. The company's written security policy states that if a user attempts to log on by using an incorrect password three times in 30 minutes, the account is locked out. An administrator must unlock the account. You discover that users of the new server who have accounts that are locked out can log on again after 30 minutes. You need to ensure that the new server meets the requirements of the written security policy. What should you do?()A、Set the Reset account lockout counter after policy to 1.B、Set the Reset account lockout counter after policy to 99999.C、Set the Account lockout duration policy to 0.D、Set the Account lockout duration policy to 99999
考题
Your network consists of a single Active Directory domain. All servers run Windows Server 2003Service Pack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3).You need to ensure that locked out user accounts remain locked out until an administrator unlocks theaccounts.What should you do? ()A、In the Default Domain Policy, set the Account lockout duration to 0.B、In the Default Domain Policy, set the Account lockout duration to 99999.C、From Active Directory Users and Computers, select the Account is trusted for delegation option for all user accounts.D、From Active Directory Users and Computers, select the Account is sensitive and cannot be delegated option for all user accounts.
考题
Your company consists of a single Active Directory domain that is configured in Windows 2000 native mode. All servers run Windows Server 2003 Service Pack 2 (SP2). You deploy a Routing and Remote Access server to provide VPN access to the network.You need to ensure that only members of a group named Sales can access the network through the VPN. The solution must minimize the administrative effort required to manage remote access. What should you do?()A、Allow dial-in access for the user accounts of all Sales group members. B、Deny dial-in access for the user accounts of all users except the Sales group members. C、Create a remote access policy and assign the Allow - Remote Access permission. Add the Windows-Groups condition and specify the Sales group. D、Create a remote access policy and assign the Deny - Remote Access permission. Add the Windows-Groups condition and specify all Active Directory groups except for Sales.
考题
You are the network administrator for your company. The network consists of a single Active Directorydomain. All network servers run Windows Server 2003. Three thousand client computers run Windows 2000Professional, and 1,500 client computers run Windows XP Professional.A new employee named Peter is hired to assist you in installing Windows XP Professional on 150 new client computers.You need to ensure that Peter has only the minimum permissions required to add new computer accounts to the domain and to own the accounts that he creates. Peter must not be able to delete computer accounts.What should you do()?A、Add Peter's user account to the Server Operators group.B、Add Peter's user account to the Account Operators group.C、Use the Delegation of Control Wizard to permit Peter's user account to create new computer objects in the Computers container.D、Create a Group Policy object (GPO) and link it to the domain. Configure the GPO to permit Peter's user account to add client computers to the domain.
考题
You are the network administrator for The network consists of a single Active Directory domain named The functional level of the domain is Windows Server 2003. Some user accounts have expiring passwords and some do not. You need to identify all user accounts that do not have expiring passwords. You need to modify the password property to allow the passwords on these accounts to expire. You must complete this task by using the minimum amount of administrative effort. First, you create a saved query to obtain a list of all user accounts that do not have expiring passwords. What should you do next?()A、Export the query results to a comma-delimited file. Use a CSVDE script to modify the password property of each user account.B、From the Results pane of the query, select all user accounts and modify their password properties simultaneously.C、Export the query results to a comma-delimited file. Use an LDIFDE script to modify the password property of each user account.D、From the Results pane of the query, select each user account and modify the password property, one by one.
考题
单选题You are the network administrator for your company. The network consists of a single Active Directorydomain. All network servers run Windows Server 2003. Three thousand client computers run Windows 2000Professional, and 1,500 client computers run Windows XP Professional.A new employee named Peter is hired to assist you in installing Windows XP Professional on 150 new client computers.You need to ensure that Peter has only the minimum permissions required to add new computer accounts to the domain and to own the accounts that he creates. Peter must not be able to delete computer accounts.What should you do()?A
Add Peter's user account to the Server Operators group.B
Add Peter's user account to the Account Operators group.C
Use the Delegation of Control Wizard to permit Peter's user account to create new computer objects in the Computers container.D
Create a Group Policy object (GPO) and link it to the domain. Configure the GPO to permit Peter's user account to add client computers to the domain.
考题
单选题You are the network administrator for The network consists of a single Active Directory domain named All network servers run Windows Server 2003. Three thousand client computers run Windows 2000 Professional, and 1,500 client computers run Windows XP Professional. A new employee named Dr King is hired to assist you in installing Windows XP Professional on 150 new client computers. You need to ensure that Dr King has only the minimum permissions required to add new computer accounts to the domain and to own the accounts that he creates. Dr King must not be able to delete computer accounts. What should you do?()A
Add Dr King's user account to the Server Operators group.B
Add Dr King's user account to the Account Operators group.C
Use the Delegation of Control Wizard to permit Dr King's user account to create new computer objects in the Computers container.D
Create a Group Policy object (GPO) and link it to the domain. Configure the GPO to permit Dr King's user account to add client computers to the domain.
考题
单选题You are an administrator at Certkiller .com. Certkiller has a RODC (read-only domain controller) server at a remote location. The remote location doesn’t have proper physical security. You need to activate non- administrative accounts passwords on that RODC server. Which of the following action should be considered to populate the RODC server with non-administrative accounts passwords()A
Delete all administrative accounts from the RODC’s groupB
Configure the permission to Deny on Receive for administrative accounts on the security tab for Group Policy Object (GPO)C
Configure the administrative accounts to be added in the Domain RODC Password Replication Denied groupD
Add a new GPO and enable Account Lockout settings. Link it to the remote RODC server and on the security tab on GPO, check the Read Allow and the Apply group policy permissions for the administrators.E
None of the above
考题
单选题You are the network administrator for All client computers run Windows 2000 Profession al. You recently deployed 10 new servers that run Windows Server 2003. You placed the servers in an new OU named W2K3Servers. Tess is another network administraror. You need to configure the appropriate permissions to allow Tess to manage the new servers by using Terminal Services from her client compueter. You need to assign Tess only the permissions she needs to perform her job. What should you do?()A
Add Tess's users account to the local Power Users group on each server that runs Windows Server 2003.B
Add Tess's users account to the Remote Desktop Users group on each server that runs Windows Server 2003.C
Assign Tess's user account the Allow - Read and the Allow - Write permissions for the W2K3Servers OU.D
Configure the Managed By property for the W2K2Servers Out to Tess's user account.
考题
单选题You are a security administrator for your company. The network consists of a single Active Directory domain. Servers run either Windows Server 2003 or Windows 2000 Server. All client computers run Windows XP Professional. The company’s written security policy states that user accounts must be locked if an unauthorized user attempts to guess the users, passwords. The current account policy locks out a user after two invalid password attempts in five minutes. The user remains locked out until the account is reset by an administrator. Users frequently call the help desk to have their account unlocked. Calls related to account lockout constitute 25 percent of help desk calls. You need to reduce the number of help desk calls related to account lockout. What should you do?()A
Modify the Default Domain Controllers Policy Group Policy object(GPO). Increase the maximum lifetime for serviceB
Modify the Default Domain Policy Group Policy object(GPO). Configure an account lockout threshold of 10.C
Modify the Default Domain Controllers Policy Group Policy object(GPO). Disable the enforcement of user logon resD
Modify the Default Domain Policy Group Policy object(GPO). Increase the minimum password age.
考题
单选题Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3). You need to ensure that locked out user accounts remain locked out until an administrator unlocks the accounts. What should you do? ()A
In the Default Domain Policy, set the Account lockout duration to 0.B
In the Default Domain Policy, set the Account lockout duration to 99999.C
From Active Directory Users and Computers, select the Account is trusted for delegation option for all user accounts.D
From Active Directory Users and Computers, select the Account is sensitive and cannot be delegated option for all user accounts.
考题
单选题An administrator needs to grant privileges to other server staff members to run archive utilities on adefault Windows installation. The administrator needs to set the minimum permissions to:()A
remote users.B
account operators.C
server operators.D
backup operators.
考题
单选题Your network consists of a single Active Directory domain. All servers run Windows Server 2003Service Pack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3).You need to ensure that locked out user accounts remain locked out until an administrator unlocks theaccounts.What should you do? ()A
In the Default Domain Policy, set the Account lockout duration to 0.B
In the Default Domain Policy, set the Account lockout duration to 99999.C
From Active Directory Users and Computers, select the Account is trusted for delegation option for all user accounts.D
From Active Directory Users and Computers, select the Account is sensitive and cannot be delegated option for all user accounts.
考题
单选题You are the network administrator for your company. Your network consists of a single Active Directory domain. Three security groups named Accountants, Processors, and Management are located in an organizational unit (OU) named Accounting. All of the user accounts that belong to these three groups are also in the Accounting OU. You create a Group Policy object (GPO) and link it to the Accounting OU. You configure the GPO to disable the display options under the User Configuration section of the GPO. You need to achieve the following goals: You need to ensure that the GPO applies to all user accounts that are members of the Processors group. You need to prevent the GPO fromapplying to any user account that is a member of the Accountants group. You need to prevent the GPO from applying to any user account that is a member of the Management group, unless the user account is also a member of the Processors group. What should you do?()A
Modify the discretionary access control list (DACL) settings of the GPO to assign the Accountants and Management security groups the Deny - Read and the Deny - Apply Group Policy permissions. Modify the DACL of the GPO to assign the users who are in both the Accountants and Management security groups the Allow - Read and the Allow - Apply Group Policy permissions.B
Modify the discretionary access control list (DACL) settings of the GPO to assign the Accountants and Management security groups the Deny - Read and the Deny - Apply Group Policy permissions. Create a new security group named Mixed that contains all the user accounts from the Processors group and the specific user accounts from the Management group to which you want the GPO to apply. Modify the DACL of the GPO to assign the Mixed security group the Allow - Read and the Allow - Apply Group Policy permissions.C
Modify the discretionary access control list (DACL) settings of the GPO to assign the Accountants security group the Deny - Read and the Deny - Apply Group Policy permissions. Modify the DACL settings of the GPO to remove the Authenticated Users special group. Modify the DACL settings of the GPO to add the Processors group and assign the Allow - Read and the Allow - Apply Group Policy permissions.D
Modify the discretionary access control list (DACL) settings of the GPO to assign the Accountants security group the Deny - Read and the Allow - Apply Group Policy permissions. Modify the DACL settings of the GPO to assign the Management security group the Deny - Read and the Deny - Apply Group Policy permissions.
考题
单选题You are the domain administrator for your company's Active Directory domain. All client computers run Windows 2000 Professional. You recently deployed 10 new servers that run Windows Server 2003. You placed the servers in a new organizational unit (OU) named W2K3Servers. Anne is another network administrator. You need to configure the appropriate permissions to allow Anne to manage the new servers by using Terminal Services from her client computer. You need to assign Anne only the permissions she needs to perform her job. What should you do? ()A
Add Anne's user account to the local Power Users group on each server that runs Windows Server 2003.B
Add Anne's user account to the Remote Desktop Users group on each server that runs Windows Server 2003.C
Assign Anne's user account the Allow - Read and the Allow - Write permissions for the W2K3Servers OU.D
Configure the Managed By property for the W2K3Servers OU to Anne's user account.
考题
单选题As the Certkiller administrator you had installed a read-only domain controller (RODC) server at remote location. The remote location doesn’t provide enough physical security for the server. What should you do to allow administrative accounts to replicate authentication information to Read-Only Domain Controllers()A
Remove any administrative accounts from RODC’s groupB
Add administrative accounts to the domain Allowed RODC Password Replication groupC
Set the Deny on Receive as permission for administrative accounts on the RODC computer account security tab for the Group Policy Object (GPO)D
Configure a new Group Policy Object (GPO) with the Account Lockout settings enabled. Link the GPO to the remote location. Activate the Read Allow and the Apply group policy Allow permissions for the administrators on the Security tab for the GPO.E
None of the above
考题
单选题You are the network administrator for The network consists of a single Activev Directory domain named . All network servers run Windows Server 2003. purchases a new server to test applications in a stand-alone environment. The company's written security policy states that if a user attempts to log on by using an incorrect password three times in 30 minutes, the account is locked out. An administrator must unlock the account. You discover that users of the new server who have accounts that are locked out can log on again after 30 minutes. You need to ensure that the new server meets the requirements of the written security policy. What should you do?()A
Set the Reset account lockout counter after policy to 1.B
Set the Reset account lockout counter after policy to 99999.C
Set the Account lockout duration policy to 0.D
Set the Account lockout duration policy to 99999
热门标签
最新试卷
