网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
单选题
You need to design a security strategy for communications between the Boston and New York offices. What should you do?()
A
Configure RRAS2 as a VPN server. Use Web enrollment to acquire computer certificates for both RRAS1 and RRAS2. Create demand-dial L2TP/IPSec connections on both RRAS1 and RRAS2. Configure dial-out credentials on both RRAS1 and RRAS2. Enable the Basic Firewall settings on RRAS1 and RRAS2
B
Configure RRAS2 as a VPN server. Create demand-dial L2TP/IPSec connections on both RRAS1 and RRAS2. Configure dial-out credentials on both RRAS1 and RRAS2. Configure static routes on both RRAS1 and RRAS2. Set the connection type to persistent on the demand-dial interface on both RRAS1 and RRAS2
C
Create a new OU named RRAS Servers in the boston.northwindtraders.com domain. Move RRAS1 into the RRAS Servers OU. On the Default Domain Policy Group Policy object (GPO), edit the Secure Server (Require Security) IPSec policy. Configure the IPSec policy to use a certificate for authentication. Specify RRAS2 as the tunnel endpoint. Assign the IPSec policy.
D
Create a new OU named RRAS Server in the northwindtraders.com domain. Move the RRAS2 into the RRAS Servers OU. On the RRAS Servers OU create new Group Policy object (GPO) named IPSECPOL. In IPSECPOL create an IPSec policy and specify RRAS as the tunnel.
参考答案
参考解析
解析:
暂无解析
更多 “单选题You need to design a security strategy for communications between the Boston and New York offices. What should you do?()A Configure RRAS2 as a VPN server. Use Web enrollment to acquire computer certificates for both RRAS1 and RRAS2. Create demand-dial L2TP/IPSec connections on both RRAS1 and RRAS2. Configure dial-out credentials on both RRAS1 and RRAS2. Enable the Basic Firewall settings on RRAS1 and RRAS2B Configure RRAS2 as a VPN server. Create demand-dial L2TP/IPSec connections on both RRAS1 and RRAS2. Configure dial-out credentials on both RRAS1 and RRAS2. Configure static routes on both RRAS1 and RRAS2. Set the connection type to persistent on the demand-dial interface on both RRAS1 and RRAS2C Create a new OU named RRAS Servers in the boston.northwindtraders.com domain. Move RRAS1 into the RRAS Servers OU. On the Default Domain Policy Group Policy object (GPO), edit the Secure Server (Require Security) IPSec policy. Configure the IPSec policy to use a certificate for authentication. Specify RRAS2 as the tunnel endpoint. Assign the IPSec policy.D Create a new OU named RRAS Server in the northwindtraders.com domain. Move the RRAS2 into the RRAS Servers OU. On the RRAS Servers OU create new Group Policy object (GPO) named IPSECPOL. In IPSECPOL create an IPSec policy and specify RRAS as the tunnel.” 相关考题
考题
你们需要安保专家对场馆做安全评估吗?A.Do you need a security expert to value the potential danger of the region?B.Do you need a security expert to calculate the potential adventure of the area?C.Do you need a security expert to account the potential risks of the region?D.Do you need a security expert to evaluate the potential risks of the place?
考题
You need to design the retrieval of advertising statistics without compromising security. What should you do?()A、Design a Notification Services solution that sends the advertising statistics to specified subscribers by e-mail.B、Design a SQL Server Web service that runs a stored procedure to return the statistics on a call from the advertisers application.C、Design a Database Mail solution that sends the advertising statistics to e-mail addresses that are specified in a table.D、Design a stored procedure to return the statistics on a call from the advertisers application.E、Design a user-defined function to return the statistics on a call from the advertisers application.
考题
You need to design a method to standardize and deploy a baseline security configuration for servers. You solution must meet business requirements. What should you do?()A、Create a script that installs the Hisecdc.inf security templateB、Use a GPO to distribute and apply the Hisec.inf security templateC、Use the System Policy Editor to configure each server’s security settingsD、Use a GPO to distribute and apply a custom security template
考题
You need to design a security strategy for VPN2. Your solution must meet business requirements. What should you do?()A、Create and configure a new security template. Import the template into the Default Domain Policy Group Policy object (GPO)B、Install Internet Authentication Service (IAS) on RAS1. Configure VPN2 to be the RADIUS client of RAS1. Configure the remote access policy on VPN2C、Create and configure a new security template. Import the template into the local policy on VPN2D、Move VPN2 into the VPN Servers OU. Configure the remote access policy on VPN2
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. The network contains 50 application servers that run Windows Server 2003. The security configuration of the application servers is not uniform. The application servers were deployed by local administrators who configured the settings for each of the application servers differently based on their knowledge and skills. The application servers are configured with different authentication methods, audit settings, and account policy settings. The security team recently completed a new network security design. The design includes a baseline configuration for security settings on all servers. The baseline security settings use the Hisecws.inf predefined security template. The design also requires modified settings for servers in an application role. These settings include system service startup requirements, renaming the administrator account, and more stringent account lockout policies. The security team created a security template named Application.inf that contains the modified settings. You need to plan the deployment of the new security design. You need to ensure that all security settings for the application servers are standardized, and that after the deployment, the security settings on all application servers meet the design requirements. What should you do? ()A、 Apply the Setup security.inf template first, the Hisecws.inf template next, and then the Application.inf template.B、 Apply the Application.inf template and then the Hisecws.inf template.C、 Apply the Application.inf template first, the Setup security.inf template next, and then the Hisecws.inf template.D、 Apply the Setup security.inf template and then the Application.inf template.
考题
You need to design an audit strategy for Southbridge Video. Your solution must meet business requirements.What should you do?()A、Create a new security template that enables the Audit account logon events policy for successful and failed attempts. Create a new GPO, and link it to the domain. Import the new security template into the new GPOB、Create a new security template that enables the Audit account logon events policy for successful and failed attempts. Create a new GPO, and link it to the Domain Controllers OU. Import the new security template into the new GPOC、Create a new security template that enables the Audit logon events policy for successful and failed attempts. Create a new GPO, and link it to the Domain Controllers OU. Import the new security template into the new GPOD、Create a new security template that enables the Audit logon events policy for successful and failed attempts. Create a new GPO, and link it to the domain. Import the new security template into the new GPO
考题
You need to design an access control strategy for the marketing application. You solution must minimize impact on server and network performance. What should you do?()A、Require client computers to connect to the marketing application by using a VPN connectionB、Use IPSec to encrypt communications between the servers in the New York and Atlanta officesC、Require the high security setting on Terminal Services connections to the marketing applicationD、Configure all marketing application Web pages to require SSL
考题
You need to recommend a Group Policy strategy for the Remote Desktop servers. What should you include in the recommendation?()A、block inheritanceB、loopback processingC、security filteringD、WMI filtering
考题
You need to design a security strategy for the DHCP servers in the Seattle office. Which two actions should you perform?()A、Disable all unnecessary services on each DHCP serverB、Modify the discretionary access control lists (DACLs) in Active Directory so that only members of the Enterprise Admins security group can authorize additional DHCP serversC、Use an IPSec policy that allows only the packets necessary for DHCP and domain membership for each DHCP serverD、Install a digital certificate for SSL on each DHCP server
考题
You need to design a method to address the chief information officer’s security concerns. What should you do?()A、Configure Windows Management Instrumentation (WMI) filtering options in the Default Domain Policy GPOB、Use the gpresult commandC、Use Mbsacli.exeD、Configure software restriction policy options in the Default Domain Policy GPO
考题
You need to design a method to ensure that research intellectual property remains confidential. You solution must meet security requirements. What should you do?()A、Require client computers to connect to research intellectual property through a SSL VPNB、Place SFSQL1 and ATLSQL1 on a separate virtual LAN from the internal network. Grant access to these virtual LAN segments to only the client computers that are used by authorized usersC、Require that communications between SFSQL1, SFFP1, ATLSQL1, and ATLFP1 use IPSecD、Create a separate subnet for all servers that contain research intellectual property
考题
You need to design an administrative control strategy for Denver administrators. What should you do?()A、Create a security group named HelpDesk. Add the HelpDesk group to the Enterprise Admins group in both domainsB、Create a security group named HelpDesk. Add the HelpDesk group to the Domain Admins groups in both domainsC、Add the Domain Admins group in the litwareinc.com domain to the Domain Admins group in the contoso.com domain. Delegate full control of the litwareinc.com domain to the Domain Admins group in the contoso.com domainD、Create a security group named HelpDesk for each office. Delegate administrative tasks to their respective OU or domain.Delegate full control of the contoso.com domain to the Domain Admins group from the litwareinc.com domain
考题
You are designing a strategy for migrating domain user accounts to the new Windows Server 2003 Active Directory environment. You want to identify the minimum number of trust relationships that need to be manually created to perform this operation. Which design should you use?()A、one external trust relationshipB、two external trust relationshipsC、six external trust relationshipsD、twelve external trust relationshipsE、one two-way cross-forest trust relationship
考题
You need to design an access control and permission strategy for user objects in Active Directory.What should you do?()A、Make the members of the AdvancedSupport security group members of the Domain Admins security groupB、Give each desktop support technician permission to reset passwords for the top-level OU that contains user accounts at their own locationC、Delegate full control over all OUs that contain user accounts to all AllSupport security groupD、Change the permissions on the domain object and its child objects so that the BasicSupport security group is denied permissions. Then, add a permission to each OU that contains user accounts that allows AllSupport security group members to reset passwords in that OU
考题
You need to recommend a security strategy for WebApp2 that meets the company’s applicaton requirements.What should you include in the recommendation?()A、Basic authentication and connection security rulesB、Basic authentication and SSLC、Digest authentication and connection security rulesD、Digest authentication and SSL
考题
Your environment includes multiple Windows Server 2008 R2 Hyper-V servers. You are designing an administrative strategy for virtual machines (VMs). You need to ensure that members of the Security Compliance Active Directory Domain Services (AD DS) security group can monitor failed logon events on the VMs. What should you do?()A、Add the Security Compliance group to the local administrators group of each VMB、Add the Security Compliance group to the local administrators group of each Hyper-V serverC、In the InitialStore.xml file of each VM, define an access policy for the Security Compliance groupD、in the InitialStore.xml file of each Hyper-V server, define an access policy for the Security Compliance group
考题
You need to design a strategy to ensure that all servers are in compliance with the business requirements for maintaining security patches. What should you do?()A、Log on to a domain controller and run the Resultant Set of Policy wizard in planning mode on the domainB、Log on to each server and run Security Configuration and Analysis to analyze the security settings by using a custom security templateC、Create a logon script to run the secedit command to analyze all servers in the domainD、Run the Microsoft Baseline Security Analyzer (MBSA) on a server to scan for Windows vulnerabilities on all servers in the domain
考题
单选题You need to design a security strategy for a remote e-mail access. What should you do?()A
Require remote users to access e-mails by using Outlook Mobile AccessB
Require Outlook Web Access users to install the secure MIME ActiveX-Control and to encrypt all messagesC
On Outlook Web Access servers that accept connections from the Internet configure IIS to require SSL for all connectionsD
On Outlook Web Access servers that accept connections from the Internet configure IIS to require Integrated Windows Authentication
考题
单选题You need to design an access control strategy for the Payment folder for the Sales Managers group. What should you do?()A
Use IPSec in transport modeB
Use Encrypting File System (EFS) over Web Distributed Authoring and Versioning (WebDAV)C
Use PEAP-EAP-TLSD
Use Encrypting File System (EFS) remote encryption
考题
多选题You are designing a service that will use the Windows Azure AppFabric Service Bus. You need to recommend an approach for controlling access to the service by using the Windows Azure AppFabric Access Control Service. Which two actions should you recommend?()AConfigure the service to not require authentication.BConfigure the service to require a relay access token.CSpecify message security for all communications between clients and the service.DSpecify transport security for allcommunications between clients and the service.
考题
多选题You need to design a strategy to increase security for the client computers in the finance department. Which two actions should you perform?()AEnable automatic certificate enrollmentBEnforce smart card logonsCEnable Encrypting File System (EFS) for offline filesDEnable a screen saver password
考题
单选题You need to design a patch management strategy for Southbridge Video. Your solution must meet business requirements. What should you do?()A
Configure all client computers to use Automatic Updates to obtain security patches from the Windows Update Web site. Test and install all patchesB
Configure a batch file to download security patches daily. Distribute the security patches by using a.zap file and the Default Domain Policy Group Policy object (GPO)C
Deploy a Software Update Services (SUS) server. Test all security patches and then approve them. Configure all client computers to automatically obtain updates from the serverD
Configure a batch file to download security patches daily. Manually install the security patches on all computers
考题
单选题You need to design the consolidation strategy for the Promotions and Partners databases. You want to choose a strategy that results in the best database performance while maintaining the permissions of end users in each database.What consolidation strategy should you choose?()A
Place each database in a separate instance running on SQL2.B
Place each database in a separate instance running on SQL3.C
Place both databases in a single instance running on SQL2.D
Place both databases in a single instance running on SQL3.
考题
单选题You are the network administrator for your company. The network consists of a single Active Directory domain. The network contains 50 application servers that run Windows Server 2003. The security configuration of the application servers is not uniform. The application servers were deployed by local administrators who configured the settings for each of the application servers differently based on their knowledge and skills. The application servers are configured with different authentication methods, audit settings, and account policy settings. The security team recently completed a new network security design. The design includes a baseline configuration for security settings on all servers. The baseline security settings use the Hisecws.inf predefined security template. The design also requires modified settings for servers in an application role. These settings include system service startup requirements, renaming the administrator account, and more stringent account lockout policies. The security team created a security template named Application.inf that contains the modified settings. You need to plan the deployment of the new security design. You need to ensure that all security settings for the application servers are standardized, and that after the deployment, the security settings on all application servers meet the design requirements. What should you do? ()A
Apply the Setup security.inf template first, the Hisecws.inf template next, and then the Application.inf template.B
Apply the Application.inf template and then the Hisecws.inf template.C
Apply the Application.inf template first, the Setup security.inf template next, and then the Hisecws.inf template.D
Apply the Setup security.inf template and then the Application.inf template.
考题
单选题You need to design a group membership strategy for the EditorialAdmins group. What should you do?()A
Move the EditorialAdmins group to the Servers OU in the editorial departmentB
Move the members of the EditorialAdmins group to the Editorial OUC
Move the members of the EditorialAdmins group to the New York OUD
Move the EditorialAdmins group to the New York OU
考题
单选题You need to design a monitoring strategy to meet business requirements for data on servers in the production department. What should you do?()A
Use the Microsoft Baseline Security Analyzer (MBSA) to scan for Windows vulnerabilities on all servers in the production departmentB
Run Security and Configuration Analysis to analyze the security settings of all servers in the production departmentC
Enable auditing for data on each server in the production department. Run System Monitor on all servers in the production department to create a counter log that tracks activity for the Objects performance objectD
Create a Group Policy Object (GPO) that enables auditing for object access and link it to the product department’s Servers OU. Enable auditing for data on each server in the production department
考题
单选题Your environment includes multiple Windows Server 2008 R2 Hyper-V servers. You are designing an administrative strategy for virtual machines (VMs). You need to ensure that members of the Security Compliance Active Directory Domain Services (AD DS) security group can monitor failed logon events on the VMs. What should you do?()A
Add the Security Compliance group to the local administrators group of each VMB
Add the Security Compliance group to the local administrators group of each Hyper-V serverC
In the InitialStore.xml file of each VM, define an access policy for the Security Compliance groupD
in the InitialStore.xml file of each Hyper-V server, define an access policy for the Security Compliance group
考题
单选题You need to design a method to monitor the security configuration of the IIS server to meet the requirements in the written security policy. What should you do?()A
Log on to a domain controller and run the Resultant Set of Policy wizard in planning mode on the IIS server computer accountB
Run the Microsoft Baseline Security Analyzer (MBSA) on the IIS server and scan for vulnerabilities in Windows and IIS checksC
Run Security Configuration and Analysis to analyze the IIS server’s security settings by using a custom security templateD
On the IIS server, run the gpresult command from a command prompt and analyze the output
热门标签
最新试卷