网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
单选题
You are a security administrator for your company. All servers run Windows Server 2003. All client computers run Windows XP Professional. You install Software Update Services (SUS) on a server named Server1. The company’s written security policy states that all updates must be tested and approved before they are installed on network computers. You need to ensure that SUS uses the minimum amount of disk space on Server1. What should you do?()
A
Configure Server1 to redirect client computers to the Microsoft Windows Update servers.
B
Compress the folder in which the downloaded updates are stored.
C
Configure Server1 to store only the locales that are needed.
D
Download the updates, and then delete updates that are not approved for client computers.
参考答案
参考解析
解析:
暂无解析
更多 “单选题You are a security administrator for your company. All servers run Windows Server 2003. All client computers run Windows XP Professional. You install Software Update Services (SUS) on a server named Server1. The company’s written security policy states that all updates must be tested and approved before they are installed on network computers. You need to ensure that SUS uses the minimum amount of disk space on Server1. What should you do?()A Configure Server1 to redirect client computers to the Microsoft Windows Update servers.B Compress the folder in which the downloaded updates are stored.C Configure Server1 to store only the locales that are needed.D Download the updates, and then delete updates that are not approved for client computers.” 相关考题
考题
You are the network administrator for your company. The network originally consists of a single Windows NT 4.0 domain.You upgrade the domain to a single Active Directory domain. All network servers now run Windows Server 2003, and all client computers run Windows XP Professional.Your staff provides technical support to the network. They frequently establish Remote Desktop connections with a domain controller named DC1.You hire 25 new support specialists for your staff. You use Csvde.exe to create Active Directory user accounts for all 25.A new support specialist named Paul reports that he cannot establish a Remote Desktop connection with DC1. He receives the message shown in the Logon Message exhibit. (Click the Exhibit button.)You open Gpedit.msc on DC1. You see the display shown in the Security Policy exhibit. (Click the Exhibit button.)You need to ensure that Paul can establish Remote Desktop connections with DC1.What should you do? ()
考题
You should be ______ with your movements because of all the security.A.useful
B.skillful
C.careful
D.helpful
考题
Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003. Client computers run Windows XP or Windows Vista. You plan to create a security update scan procedure for client computers. You need to choose a security tool that supports all the client computers. Which tool should you choose? ()A、 UrlScan Security ToolB、 Enterprise Scan Tool (EST)C、 Malicious Removal Tool (MRT)D、 Microsoft Baseline Security Analyzer (MBSA)
考题
You are a security administrator for your company. All servers run Windows Server 2003. All client computers run Windows XP Professional. You install Software Update Services (SUS) on a server named Server1. The company’s written security policy states that all updates must be tested and approved before they are installed on network computers. You need to ensure that SUS uses the minimum amount of disk space on Server1. What should you do?()A、 Configure Server1 to redirect client computers to the Microsoft Windows Update servers.B、 Compress the folder in which the downloaded updates are stored.C、 Configure Server1 to store only the locales that are needed.D、 Download the updates, and then delete updates that are not approved for client computers.
考题
ou are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional.Two of the servers on the network contain highly confidential documents. The company’s written security policy states that all network connections with these servers must be encrypted by using an IPSec policy.You place the two servers in an organizational unit (OU) named SecureServers. You configure a Group Policy object (GPO) that requires encryption for all connections. You assign the GPO to the SecureServers OU. You need to verify that users are connecting to the two servers by using encrypted connections. What should you do?()A、Run the net view command.B、Run the gpresult command.C、Use the IP Security Monitor console.D、Use the IPSec Policy Management console.
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. The network contains 50 application servers that run Windows Server 2003. The security configuration of the application servers is not uniform. The application servers were deployed by local administrators who configured the settings for each of the application servers differently based on their knowledge and skills. The application servers are configured with different authentication methods, audit settings, and account policy settings. The security team recently completed a new network security design. The design includes a baseline configuration for security settings on all servers. The baseline security settings use the Hisecws.inf predefined security template. The design also requires modified settings for servers in an application role. These settings include system service startup requirements, renaming the administrator account, and more stringent account lockout policies. The security team created a security template named Application.inf that contains the modified settings. You need to plan the deployment of the new security design. You need to ensure that all security settings for the application servers are standardized, and that after the deployment, the security settings on all application servers meet the design requirements. What should you do? ()A、 Apply the Setup security.inf template first, the Hisecws.inf template next, and then the Application.inf template.B、 Apply the Application.inf template and then the Hisecws.inf template.C、 Apply the Application.inf template first, the Setup security.inf template next, and then the Hisecws.inf template.D、 Apply the Setup security.inf template and then the Application.inf template.
考题
You are the network administrator for your company. All servers run Windows Server 2003. Twenty company employees connect to a terminal server named Server2 to run applications and to gain access to the Internet.The 20 employees report that they receive security messages while browsing Internet Web sites. The employees report that they cannot modify the Internet Explorer security settings on their client computers while connected to Server2.You need to allow these 20 employees to modify the Internet Explorer security settings on their client computers while connected to Server2. What should you do?()A、Log on to Server2 as Administrator and add http:// to the list of trusted sites in Internet Explorer.B、Instruct the 20 employees to add http:// to the list of trusted sites in Internet Explorer on their client computers.C、Instruct the 20 employees to change the Internet Explorer privacy settings on their client computers to Low.D、Uninstall Internet Explorer Enhanced Security Configuration on Server2.
考题
You are the desktop administrator for your company. The company's network contains 500 Windows XP Professional computers. The information security department releases a new security template named NewSec.inf. You import NewSec.inf into a security database named NewSec.sdb. You analyze the result, and you review the changes that the template makes. You examine the security policies that are defined in NewSec.inf. You discover that the settings in NewSec.inf have not been implemented on your computer. You need to ensure that the settings in NewSec.inf overwrite the settings in your computer's local security policy. What are two possible ways to achieve this goal?()A、Run the Secedit /configure /db C:/NewSec.sdb command.B、Run the Secedit /refreshpolicy machine_policy command.C、Copy NewSec.inf to the C:/Windows/Inf folder. D、Copy NewSec.sdb to the C:/Windows/System32/Microsoft/Protect folder. E、Use the Security Configuration and Analysis console to open NewSec.sdb and then to perform a Configure operation. F、Use the Security Configuration and Analysis console to export NewSec.sdb to the Defltwk.inf security template.
考题
You are a network administrator for your company. The network contains a perimeter network. The perimeter network contains four Windows Server 2003, Web Edition computers that are configured as a Network Load Balancing cluster. The cluster hosts an e-commerce Web site that must be available 24 hours per day. The cluster is located in a physically secure data center and uses an Internet-addressable virtual IP address. All servers in the cluster are configured with the Hisecws.inf template. You need to implement protective measures against the cluster’s most significant security vulnerability. What should you do? ()A、 Use Encrypting File System (EFS) for all files that contain confidential data stored on the cluster.B、 Use packet filtering on all inbound traffic to the cluster.C、 Use Security Configuration and Analysis regularly to compare the security settings on all servers in the cluster with the baseline settings.D、 Use intrusion detection on the perimeter network.
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. All computers on the network are members of the domain. All servers run Windows Server 2003 and all client computers run Windows XP Professional. You are planning a security update infrastructure. You need to find out which computers are exposed to known vulnerabilities. You need to collect the information on existing vulnerabilities for each computer every night. You want this process to occur automatically. What should you do? ()A、 Schedule the secedit command to run every night.B、 Schedule the mbsacli.exe command to run every night.C、 Install Microsoft Baseline Security Analyzer (MBSA) on one of the servers. Configure Automatic Updates on all other computers to use that server.D、 Install Software Update Services (SUS) on one of the servers. Configure the SUS server to update every night.
考题
You have an Exchange Server 2010 organization. Your company has a relationship with another company. The partner company has an Exchange Server 2010 organization. You need to recommend a security solution to meet the following requirements: .Ensure that all e-mail delivery between your servers and the partner companys servers is encrypted .Ensure that all communication between your servers and the partner companys servers is authenticated What should you include in the solution?()A、Active Directory Rights Management Services (AD RMS)B、Domain SecurityC、Forms-based AuthenticationD、Secure/Multipurpose Internet Mail Extensions (S/MIME)
考题
You are a security administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional. The company occasionally experiences downtime because of malicious lnternet worms that arrive as Microsoft Visual Basic Scripting Edition (VBS) files. You examine several client computers and discover that VBS files are downloaded by using Microsoft Outlook,instant messaging,or peer-to-peer file sharing programs. You need to prevent users from running VBS files regardless of how they arrive on client computers. What should you do?()A、 Use a software restriction policy to disable all unauthorized scripts.B、 Use an Administrative Template to ensure that Outlook and lnternet Explorer are in the Restricted Sites security zonC、 Use a centralized logon script to rename the Wscript.exe file on each computer to contain a nonexecutable extensioD、 Use a file system security policy to assign the Deny - Execute permission for the Wscript.exe file.
考题
You need to identify potential security threats. Which of the following security breaches might occur under the current IT and security practices?(Choose all that apply)()A、A virus that infects an IT administrator’s client computer could gain domain administrator privilegesB、Couriers could gain access to domain administrator privilegesC、Business office staff could discover couriers’ passwords and use them to access couriers’ informationD、All users could use their user accounts to gain the ability to install untested security patches on their client computers
考题
You have an Exchange Server 2010 organization. You have a global security group named Legal that contains all the members of your companys legaldepartment. The companys security policy states that the Legal group must be able to search all mailboxes for e-mailmessages that contain specific keywords. You need to recommend a solution for the organization that complies with the security policy. What should you include in the solution?()A、a Discovery Management role groupB、a legal holdC、administrator audit loggingD、Mailbox journaling
考题
You are a security administrator for your company. The network consists of three Active Directory domains. All Active Directory domains are running at a Windows Server 2003 mode functionality level. Employees in the editorial department of your company need access to resources on file servers that are in each of the Active Directory domains. Each Active Directory domain in the company contains at least one editorial department employee user account. You need to create a single group named Company Editors that contains all editorial department employee user accounts and that has access to the resources on file server computers. What should you do?()A、 Create a global distribution group in the forest root domain and name it Company Editors.B、 Create a global security group in the forest root domain and name it Company Editors.C、 Create a universal distribution group in the forest root domain and name it Company Editors. D、 Create a universal security group in the forest root domain and name it Company Editors.
考题
You are a security administrator for your company. The network consists of a single Active Directory domain. All servers run Windows 2003 Server. All client computers run Windows XP Professional. All computers are configured to use Automatic Updates to install updates without user intervention. Updates are scheduled to occur during o peak hours. During a security audit,you notice some client computers are not receiving updates on a regular basis. You verify that Automatic Updates is running on All client computers, and you verify that users cannot modify the Automatic Updates settings. You need to ensure that computers on your network receive all updates. What should you do?()A、 Enable the No auto-restart for scheduled Automatic Updates installations setting.B、 Disable the Specify intranet Microsoft update service location setting.C、 Enable the Remove access to use all Windows Update features setting.D、 Enable the Reschedule Automatic Updates scheduled installations setting.
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional. You need to implement a new software update infrastructure. You discover that security patches, critical updates, and service packs have never been installed on any client computer on the network.You install Windows Server Update Services (WSUS) on a Windows Server 2003 computer named Server5. You synchronize and approve all of the current security patches, critical updates, and service packs.You need to ensure that all client computers receive all Microsoft security patches, critical updates, and service packs. Which two actions should you perform?()A、Open the WSUS console. Select the option to automatically approve WSUS updates.B、Install the Automatic Updates client on all client computers.C、Modify the Microsoft Update settings of the Default Domain Controller organizational unit (OU) Group Policy object (GPO) to point client computers to http ://server5.D、Modify the Microsoft Update settings of the Default Domain Policy Group Policy object (GPO) to point client computers to http: //server5.E、Open the WSUS console. Create a target group and assign all client computers to the group.
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. All domain controllers run Windows Server 2003. All client computers run Windows XP Professional. The company has legacy applications that run on UNIX servers. The legacy applications use the LDAP protocol to query Active Directory for employee information. The domain controllers are currently configured with the default security settings. You need to configure enhanced security for the domain controllers. In particular, you want to configure stronger password settings, audit settings, and lockout settings. You want to minimize interference with the proper functioning of the legacy applications. You decide to use the predefined security templates. You need to choose the appropriate predefined security template to apply to the domain controllers. What should you do?()A、 Apply the Setup security.inf template to the domain controllers.B、 Apply the DC security.inf template to the domain controllers.C、 Apply the Securedc.inf template to the domain controllers.D、 Apply the Rootsec.inf template to the domain controllers.
考题
You are the network administrator for Company. Many of the employees in the sales department travel on a regular basis and needs to dial into the company network from their Windows 2000 Professional portable computers. Your company recently implemented a new computing security policy that mandates all remote connections be established by a two-way authentication method. You configure a Windows 2000 Server computer to run Routing and Remote Access to meet the requirements of the new security policy. Employees who travel report they can no longer initiate a dial-up connection. You need to give employees who travel the ability to dial in to the company network. What should you do? ()A、Configure the dial-up connection on all of the portable computers to use L2TP.B、Configure the dial-up connection on all of the portable computers to use MS-CHAP v2.C、Apply the Compatws.inf Security Template to all of the portable computers.D、Apply the Hisecws.inf Security Template to all of the portable computers.
考题
问答题Practice 1 ● You work for a large company. You are going to be transferred to another department within your company. ● Write an email to all staff: ● telling them which department you are moving to ● saying when you will be moving department ● explaining what your new responsibility will be. ● Write 40-50 words.
考题
单选题You are the network administrator for your company. The network consists of a single Active Directorydomain. All domain controllers run Windows Server 2003. All client computers run Windows XP Professional with default settings. Some users have portable computers, and the rest have desktop computers.You need to ensure that all users are authenticated by a domain controller when they log on.How should you modify the local security policy? ()A
Require authentication by a domain controller to unlock the client computer.B
Cache zero interactive logons.C
Cache 50 interactive logons.D
Grant the Log on locally user right to the Users group.
考题
单选题You are a security administrator for your company. The network consists of three Active Directory domains. All Active Directory domains are running at a Windows Server 2003 mode functionality level. Employees in the editorial department of your company need access to resources on file servers that are in each of the Active Directory domains. Each Active Directory domain in the company contains at least one editorial department employee user account. You need to create a single group named Company Editors that contains all editorial department employee user accounts and that has access to the resources on file server computers. What should you do?()A
Create a global distribution group in the forest root domain and name it Company Editors.B
Create a global security group in the forest root domain and name it Company Editors.C
Create a universal distribution group in the forest root domain and name it Company Editors. D
Create a universal security group in the forest root domain and name it Company Editors.
考题
单选题You are a security administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional. The company occasionally experiences downtime because of malicious lnternet worms that arrive as Microsoft Visual Basic Scripting Edition (VBS) files. You examine several client computers and discover that VBS files are downloaded by using Microsoft Outlook,instant messaging,or peer-to-peer file sharing programs. You need to prevent users from running VBS files regardless of how they arrive on client computers. What should you do?()A
Use a software restriction policy to disable all unauthorized scripts.B
Use an Administrative Template to ensure that Outlook and lnternet Explorer are in the Restricted Sites security zonC
Use a centralized logon script to rename the Wscript.exe file on each computer to contain a nonexecutable extensioD
Use a file system security policy to assign the Deny - Execute permission for the Wscript.exe file.
考题
单选题You are a network administrator for your company. The network contains a perimeter network. The perimeter network contains four Windows Server 2003, Web Edition computers that are configured as a Network Load Balancing cluster. The cluster hosts an e-commerce Web site that must be available 24 hours per day. The cluster is located in a physically secure data center and uses an Internet-addressable virtual IP address. All servers in the cluster are configured with the Hisecws.inf template. You need to implement protective measures against the cluster’s most significant security vulnerability. What should you do? ()A
Use Encrypting File System (EFS) for all files that contain confidential data stored on the cluster.B
Use packet filtering on all inbound traffic to the cluster.C
Use Security Configuration and Analysis regularly to compare the security settings on all servers in the cluster with the baseline settings.D
Use intrusion detection on the perimeter network.
考题
单选题You are the network administrator for your company. The network consists of a single Active Directory forest. The forest consists of 19 Active Directory domains. Fifteen of the domains contain Windows Server 2003 domain controllers. The functional level of all the domains is Windows 2000 native. The network also consists of a single Microsoft Exchange 2000 Server organization. You need to create groups that can be used only to send e-mail messages to user accounts throughout the company. You want to achieve this goal by using the minimum amount of replication traffic and minimizing the size of the Active Directory database. You need to create a plan for creating e-mail groups for your company. What should you do?()A
Create global distribution groups in each domain. Make the appropriate users from each domain members of the global distribution group in the same domain. Create universal distribution groups. Make the global distribution groups in each domain members of the universal distribution groups.B
Create global security groups in each domain. Make the appropriate users from each domain members of the security group in the same domain. Create universal security groups. Make the global security groups in each domain members of the universal security groups.C
Create universal distribution groups. Make the appropriate users from each domain members of a universal distribution group.D
Create universal security groups. Make the appropriate users from each domain members of a universal security group.
考题
单选题You are the network administrator for your company. All network servers run Windows Server 2003. All client computers run Windows XP Professional. A member server named Server1 is located at a branch office that does not permit the use of Remote Desktop Protocol. Another administrator uses the Backup utility to create a scheduled backup job on Server1. The backup job performs a normal backup of an application server. The application server is removed from the network. You need to use a client computer to remove the backup job from Server1. You cannot travel to the branch office. What should you do? ()A
Use the RUNAS feature to run the at /delete command as the Server1/Administrator account.B
Log on by using your Administrator account and run the ntbackup /D command.C
Log on by using your Administrator account and run the schtasks /delete command.D
Use the RUNAS feature to run the taskkill command as the Server1/Administrator account.
考题
单选题You are the network administrator for your company. All network servers run Windows Server 2003. All client computers run Windows XP Professional. A member server named Server1 is located at a branch office that does not permit the use of Remote Desktop Protocol. Another administrator uses the Backup utility to create a scheduled backup job on Server1. The backup job performs a normal backup of an application server. The application server is removed from the network. You need to use a client computer to remove the backup job from Server1. You cannot travel to the branch office. What should you do?()A
Use the RUNAS feature to run the at /delete command as the Server1/Administrator account.B
Log on by using your Administrator account and run the ntbackup /D command.C
Log on by using your Administrator account and run the schtasks /delete command.D
Use the RUNAS feature to run the taskkill command as the Server1/Administrator account.
热门标签
最新试卷