考题
Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003. Client computers run Windows XP or Windows Vista. You plan to create a security update scan procedure for client computers. You need to choose a security tool that supports all the client computers. Which tool should you choose? ()A、 UrlScan Security ToolB、 Enterprise Scan Tool (EST)C、 Malicious Removal Tool (MRT)D、 Microsoft Baseline Security Analyzer (MBSA)
考题
The company is evaluating using a new Active Directory domain to contain all customer user accounts. You need to design a monitoring or logging strategy that meets business and security requirements for the new Web-based ordering application. Your solution must minimize overhead on existing domain controllers and servers. What should you do?()A、Enable logon auditing in both the new and the existing domainsB、Enable logon auditing only in the existing domainC、Enable logon auditing only in the new domainD、Enable logon auditing on only the Web server
考题
You need to design a monitoring strategy to meet business requirements for data on servers in the production department. What should you do?()A、Use the Microsoft Baseline Security Analyzer (MBSA) to scan for Windows vulnerabilities on all servers in the production departmentB、Run Security and Configuration Analysis to analyze the security settings of all servers in the production departmentC、Enable auditing for data on each server in the production department. Run System Monitor on all servers in the production department to create a counter log that tracks activity for the Objects performance objectD、Create a Group Policy Object (GPO) that enables auditing for object access and link it to the product department’s Servers OU. Enable auditing for data on each server in the production department
考题
You need to design a method to monitor the security configuration of the IIS server to meet the requirements in the written security policy. What should you do?()A、Log on to a domain controller and run the Resultant Set of Policy wizard in planning mode on the IIS server computer accountB、Run the Microsoft Baseline Security Analyzer (MBSA) on the IIS server and scan for vulnerabilities in Windows and IIS checksC、Run Security Configuration and Analysis to analyze the IIS server’s security settings by using a custom security templateD、On the IIS server, run the gpresult command from a command prompt and analyze the output
考题
You need to design a method to standardize and deploy a baseline security configuration for servers. You solution must meet business requirements. What should you do?()A、Create a script that installs the Hisecdc.inf security templateB、Use a GPO to distribute and apply the Hisec.inf security templateC、Use the System Policy Editor to configure each server’s security settingsD、Use a GPO to distribute and apply a custom security template
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. The network contains 50 application servers that run Windows Server 2003. The security configuration of the application servers is not uniform. The application servers were deployed by local administrators who configured the settings for each of the application servers differently based on their knowledge and skills. The application servers are configured with different authentication methods, audit settings, and account policy settings. The security team recently completed a new network security design. The design includes a baseline configuration for security settings on all servers. The baseline security settings use the Hisecws.inf predefined security template. The design also requires modified settings for servers in an application role. These settings include system service startup requirements, renaming the administrator account, and more stringent account lockout policies. The security team created a security template named Application.inf that contains the modified settings. You need to plan the deployment of the new security design. You need to ensure that all security settings for the application servers are standardized, and that after the deployment, the security settings on all application servers meet the design requirements. What should you do? ()A、 Apply the Setup security.inf template first, the Hisecws.inf template next, and then the Application.inf template.B、 Apply the Application.inf template and then the Hisecws.inf template.C、 Apply the Application.inf template first, the Setup security.inf template next, and then the Hisecws.inf template.D、 Apply the Setup security.inf template and then the Application.inf template.
考题
You need to recommend a backup strategy for the servers in the San Francisco office. The strategy must meet the company's technical requirements What should you include in the recommendation?()A、native-boot virtual hard disks (VHDs)B、Microsoft System Center Data Protection Manager 2010C、system restore pointsD、Windows Server Backup
考题
You need to recommend a solution for monitoring the servers. The solution must meet the company’s technical requirements What should you include in the recommendation?()A、Data Collector Sets (DCSs)B、event subscriptionsC、Reliability MonitorD、Windows System Resource Manager (WSRM)
考题
You have a server that runs Windows Server 2003 Service Pack 2 (SP2). You need to compare the current security settings of the server to a security template. Which tool should you use?()A、Security Templates snap-inB、Group Policy Management ConsoleC、Security Configuration and Analysis snap-inD、Microsoft Baseline Security Analyzer (MBSA)
考题
You need to design a patch management strategy for Northwind Traders. What should you do?()A、Configure the Default Domain Policy Group Policy object (GPO) for the northwindtraders.com domain to configure client computers to download updates from the SUS server in New York. Configure the Default Domain Policy GPO for the boston.northwindtraders.com domain to configure client computers to download updates from the SUS server in New YorkB、Use Group Policy to configure client computers to download updates from a Windows Update server on the Internet. Configure the Default Domain Policy Group Policy object (GPO) with a startup script that runs Mbsacli.exe. Configure it to scan the computers in both of the branch officesC、Install and configure a SUS server in the Boston branch office. Configure the server to download updates from a Windows Update server on the Internet. Configure Microsoft Baseline Security Analyzer (MBSA) to scan for updates and computers in the New York officeD、Install and configure a SUS server in each branch office. Configure the SUS servers to download updates from the New York SUS server. Configure Microsoft Baseline Security Analyzer (MBSA) to scan for updates on computers in the New York office
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. All computers on the network are members of the domain. All servers run Windows Server 2003 and all client computers run Windows XP Professional. You are planning a security update infrastructure. You need to find out which computers are exposed to known vulnerabilities. You need to collect the information on existing vulnerabilities for each computer every night. You want this process to occur automatically. What should you do? ()A、 Schedule the secedit command to run every night.B、 Schedule the mbsacli.exe command to run every night.C、 Install Microsoft Baseline Security Analyzer (MBSA) on one of the servers. Configure Automatic Updates on all other computers to use that server.D、 Install Software Update Services (SUS) on one of the servers. Configure the SUS server to update every night.
考题
You need to recommend a process for monitoring the servers. The process must meet the company’s technical requirements. What should you include in the recommendation?()A、event subscriptionsB、Data Collector Sets (DCSs)C、Resource MonitorD、Microsoft System Center Operations Manager
考题
You need to ensure that all servers meet the company’s security requirements. Which tool should you use?()A、Microsoft Baseline Security Analyzer (MBSA)B、Microsoft Security Assessment Tool (MSAT)C、Resultant Set of Policy (RSoP)D、Security Configuration Wizard (SCW)
考题
Your company has client computers that run Windows Vista and client computers that run Windows 7. The client computers connect directly to the Microsoft Update Web site once per week and automatically install all available security updates. Microsoft releases a security update for Windows 7. You have the following requirements: Create a report of all Windows 7 computers that are currently connected to the network and that do not have the security update installed. Use the least amount of administrative effort. You need to manage the software update process to meet the requirements. What should you do?()A、 Deploy Microsoft Windows Server Update Services (WSUS). Approve the security update for installation,and forcea detection cycle on the client computers.B、 Deploy Microsoft Windows Server Update Services (WSUS). Approve the security update for detection, and force adetection cycle on the client computers.C、 Use the Microsoft Baseline Security Analyzer (MBSA) to scan the client computers.Configure MBSA to use the Microsoft Update site catalog.D、 Use the Microsoft Baseline Configuration Analyzer (MBCA) to scan the client computers.
考题
You need to design a remote administration solution for servers on the internal network. Your solution must meet business and security requirements. What should you do?()A、Permit administrators to use an HTTP interface to manage servers remotelyB、Permit only administrators to connect to the servers’ Telnet serviceC、Permit administrators to manage the servers by using Microsoft NetMeetingD、Require administrators to use Remote Desktop for Administration connections to manage the servers
考题
You need to design a strategy to ensure that all servers are in compliance with the business requirements for maintaining security patches. What should you do?()A、Log on to a domain controller and run the Resultant Set of Policy wizard in planning mode on the domainB、Log on to each server and run Security Configuration and Analysis to analyze the security settings by using a custom security templateC、Create a logon script to run the secedit command to analyze all servers in the domainD、Run the Microsoft Baseline Security Analyzer (MBSA) on a server to scan for Windows vulnerabilities on all servers in the domain
考题
单选题You need to design a method to standardize and deploy a baseline security configuration for servers. You solution must meet business requirements. What should you do?()A
Create a script that installs the Hisecdc.inf security templateB
Use a GPO to distribute and apply the Hisec.inf security templateC
Use the System Policy Editor to configure each server’s security settingsD
Use a GPO to distribute and apply a custom security template
考题
单选题You need to design a remote administration solution for servers on the internal network. Your solution must meet business and security requirements. What should you do?()A
Permit administrators to use an HTTP interface to manage servers remotelyB
Permit only administrators to connect to the servers’ Telnet serviceC
Permit administrators to manage the servers by using Microsoft NetMeetingD
Require administrators to use Remote Desktop for Administration connections to manage the servers
考题
单选题You need to design a method to monitor the security configuration of the IIS server to meet the requirements in the written security policy. What should you do?()A
Log on to a domain controller and run the Resultant Set of Policy wizard in planning mode on the IIS server computer accountB
Run the Microsoft Baseline Security Analyzer (MBSA) on the IIS server and scan for vulnerabilities in Windows and IIS checksC
Run Security Configuration and Analysis to analyze the IIS server’s security settings by using a custom security templateD
On the IIS server, run the gpresult command from a command prompt and analyze the output
考题
单选题You need to design a patch management strategy for Northwind Traders. What should you do?()A
Configure the Default Domain Policy Group Policy object (GPO) for the northwindtraders.com domain to configure client computers to download updates from the SUS server in New York. Configure the Default Domain Policy GPO for the boston.northwindtraders.com domain to configure client computers to download updates from the SUS server in New YorkB
Use Group Policy to configure client computers to download updates from a Windows Update server on the Internet. Configure the Default Domain Policy Group Policy object (GPO) with a startup script that runs Mbsacli.exe. Configure it to scan the computers in both of the branch officesC
Install and configure a SUS server in the Boston branch office. Configure the server to download updates from a Windows Update server on the Internet. Configure Microsoft Baseline Security Analyzer (MBSA) to scan for updates and computers in the New York officeD
Install and configure a SUS server in each branch office. Configure the SUS servers to download updates from the New York SUS server. Configure Microsoft Baseline Security Analyzer (MBSA) to scan for updates on computers in the New York office
考题
单选题The company is evaluating using a new Active Directory domain to contain all customer user accounts. You need to design a monitoring or logging strategy that meets business and security requirements for the new Web-based ordering application. Your solution must minimize overhead on existing domain controllers and servers. What should you do?()A
Enable logon auditing in both the new and the existing domainsB
Enable logon auditing only in the existing domainC
Enable logon auditing only in the new domainD
Enable logon auditing on only the Web server
考题
单选题You need to ensure that all servers meet the company’s security requirements. Which tool should you use?()A
Microsoft Baseline Security Analyzer (MBSA)B
Microsoft Security Assessment Tool (MSAT)C
Resultant Set of Policy (RSoP)D
Security Configuration Wizard (SCW)
考题
单选题You are the network administrator for your company. The network consists of a single Active Directory domain. All computers on the network are members of the domain. All servers run Windows Server 2003 and all client computers run Windows XP Professional. You are planning a security update infrastructure. You need to find out which computers are exposed to known vulnerabilities. You need to collect the information on existing vulnerabilities for each computer every night. You want this process to occur automatically. What should you do? ()A
Schedule the secedit command to run every night.B
Schedule the mbsacli.exe command to run every night.C
Install Microsoft Baseline Security Analyzer (MBSA) on one of the servers. Configure Automatic Updates on all other computers to use that server.D
Install Software Update Services (SUS) on one of the servers. Configure the SUS server to update every night.
考题
单选题Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003. Client computers run Windows XP or Windows Vista. You plan to create a security update scan procedure for client computers. You need to choose a security tool that supports all the client computers. Which tool should you choose? ()A
UrlScan Security ToolB
Enterprise Scan Tool (EST)C
Malicious Removal Tool (MRT)D
Microsoft Baseline Security Analyzer (MBSA)
考题
单选题You are one of the network administrators for All network servers run Windows Server 2003. TestKing operates a total of four offices. The office where you work has 15 servers. You are responsible for supporting and maintaining all of these servers. You need to design a monitoring plan that will achieve the following goals: 1. Track all performance changes on the servers. 2. Record performance data to anticipate the need for future upgrades. What should you do?()A
On each server in your office, use Performance Logs and Alerts to create a baseline log. Configure the log to collect data every five minutes for one day. Use the same counters for each server to create a log file. Schedule the log to run weekly.B
From a monitoring computer, use Performance Logs and Alerts to create a baseline log for each server in your office. Configure the log to collect data every five minutes for one day. Use the same counters for each server to create a log file. Schedule the log to run weekly.C
On each server in your office, use Performance Logs and Alerts to create threshold-based alerts. Configure the alerts to send a message to your monitoring computer when they are triggered. Set each alert to start a new scan when the alert finishes.D
From a monitoring computer use Performance Logs and Alerts to create a new counter set in System Monitor. Configure the counters to run continuously.
考题
单选题You need to design a strategy to ensure that all servers are in compliance with the business requirements for maintaining security patches. What should you do?()A
Log on to a domain controller and run the Resultant Set of Policy wizard in planning mode on the domainB
Log on to each server and run Security Configuration and Analysis to analyze the security settings by using a custom security templateC
Create a logon script to run the secedit command to analyze all servers in the domainD
Run the Microsoft Baseline Security Analyzer (MBSA) on a server to scan for Windows vulnerabilities on all servers in the domain
考题
单选题Your company has client computers that run Windows Vista and client computers that run Windows 7. The client computers connect directly to the Microsoft Update Web site once per week and automatically install all available security updates. Microsoft releases a security update for Windows 7. You have the following requirements: Create a report of all Windows 7 computers that are currently connected to the network and that do not have the security update installed. Use the least amount of administrative effort. You need to manage the software update process to meet the requirements. What should you do?()A
Deploy Microsoft Windows Server Update Services (WSUS). Approve the security update for installation,and forcea detection cycle on the client computers.B
Deploy Microsoft Windows Server Update Services (WSUS). Approve the security update for detection, and force adetection cycle on the client computers.C
Use the Microsoft Baseline Security Analyzer (MBSA) to scan the client computers.Configure MBSA to use the Microsoft Update site catalog.D
Use the Microsoft Baseline Configuration Analyzer (MBCA) to scan the client computers.